Your submission was sent successfully! Close

CVE-2012-2144

Published: 4 May 2012

Session fixation vulnerability in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie.

Priority

Medium

Status

Package Release Status
horizon
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

natty Does not exist

oneiric Does not exist

precise
Released (2012.1-0ubuntu8.1)
upstream Needs triage

Patches:
upstream: https://github.com/openstack/horizon/commit/abc532fa90eac1cc970423339347e318aa8d1b1a