CVE-2009-3584
Priority
Low
Description
SQL-Ledger 2.8.24 does not set the secure flag for the session cookie in an
https session, which makes it easier for remote attackers to capture this
cookie by intercepting its transmission within an http session.
https session, which makes it easier for remote attackers to capture this
cookie by intercepting its transmission within an http session.
Package
| Upstream: | needed |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | needed |
| Ubuntu 11.10 (Oneiric Ocelot): | ignored (reached end-of-life) |
| Ubuntu 12.04 LTS (Precise Pangolin): | needed |
| Ubuntu 12.10 (Quantal Quetzal): | needed |
| Ubuntu 13.04 (Raring Ringtail): | needed |
| Ubuntu 13.10 (Saucy Salamander): | needed |