Request Tracker Session Fixation Vulnerability

medium Nessus Plugin ID 43006

Synopsis

The remote web server is running a Perl application that is affected by a session fixation vulnerability.

Description

The version of Best Practical Solutions Request Tracker (RT) running on the remote web server is affected by a session fixation vulnerability: the application authenticates users without invalidating the session ID the browser presented before login, so the pre-authentication session simply becomes the authenticated one. A remote attacker can exploit this by tricking a user into logging in with a session ID the attacker already knows (for example, one supplied in a link), after which the attacker can use that same ID to hijack the user's authenticated session.

This version of RT is reportedly also affected by a second, separate session fixation vulnerability, though Nessus does not check for it.
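The weakness described above, reduced to a minimal in-memory session model, as an added example. This is not RT's code and not the logic of the Nessus plugin; the session store, the two login handlers, the attack driver and the check (SessionStore, login_vulnerable, login_fixed, attack, check_for_fixation) and the single credential in USERS are all constructed for illustration. The vulnerable handler keeps whatever session ID the client arrived with; the fixed handler destroys it and issues a fresh one only after the password has been verified. check_for_fixation is the same test a black-box scanner performs: obtain a session ID, log in with it, and see whether the server still honours that ID afterwards.

```python
"""Session fixation: vulnerable login beside the fixed one, plus a check.

Added example, not RT's code. All names here are hypothetical and the
USERS table is constructed sample data.
"""
import hmac
import secrets

# Constructed credential store (not real RT data).
USERS = {"alice": "correct horse battery staple"}


class SessionStore:
    """Session id -> dict of attributes, like a cookie-backed server session."""

    def __init__(self):
        self._sessions = {}

    def new(self):
        """Issue a fresh, unguessable session id."""
        sid = secrets.token_hex(16)
        self._sessions[sid] = {}
        return sid

    def get(self, sid):
        # Unknown ids are created on first use. That lets an attacker pick the
        # id outright; a store that rejects unknown ids only forces the
        # attacker to first obtain a real (still anonymous) id themselves.
        return self._sessions.setdefault(sid, {})

    def destroy(self, sid):
        self._sessions.pop(sid, None)


def _password_ok(user, password):
    expected = USERS.get(user)
    return expected is not None and hmac.compare_digest(expected, password)


def login_vulnerable(store, sid, user, password):
    """Authenticates in place: the pre-auth sid becomes the authenticated one.

    Returns the session id the client should keep using.
    """
    if not _password_ok(user, password):
        return sid
    store.get(sid)["user"] = user      # sid chosen before login is now privileged
    return sid


def login_fixed(store, sid, user, password):
    """Discards the pre-auth session and issues a fresh id on success."""
    if not _password_ok(user, password):
        return sid
    store.destroy(sid)                 # invalidate whatever the client arrived with
    new_sid = store.new()              # fresh id, issued only after authentication
    store.get(new_sid)["user"] = user
    return new_sid


def attack(store, login):
    """Attacker fixes an id, the victim logs in with it, attacker reuses it.

    Returns the username the attacker's session resolves to, or None.
    """
    fixed_sid = "attacker-chosen-session-id"   # delivered to the victim via URL/cookie
    store.get(fixed_sid)                        # make it a live session server-side
    login(store, fixed_sid, "alice", USERS["alice"])   # victim authenticates
    return store.get(fixed_sid).get("user")     # attacker presents the same id


def check_for_fixation(store, login):
    """Black-box style check: does the session id survive authentication?

    True means the handler is vulnerable (id unchanged across login).
    """
    pre = login(store, store.new(), "alice", "definitely wrong") or store.new()
    post = login(store, pre, "alice", USERS["alice"])
    return pre == post


if __name__ == "__main__":
    print("vulnerable handler, attacker's session user:",
          attack(SessionStore(), login_vulnerable))
    print("fixed handler, attacker's session user:",
          attack(SessionStore(), login_fixed))
    print("fixation check, vulnerable:", check_for_fixation(SessionStore(), login_vulnerable))
    print("fixation check, fixed:", check_for_fixation(SessionStore(), login_fixed))
```

The check deliberately sends a wrong password first to confirm that a failed login does not rotate the id either way (nothing to protect yet), then compares the id before and after a successful login. Regenerating the id on every privilege change, not only at login, is the general rule; the RT fix targets the login step this plugin exercises.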

Solution

Upgrade to Request Tracker 3.8.6 / 3.6.10 or later, or apply the patch listed in the advisory.

See Also

http://www.nessus.org/u?443e08f3

http://www.nessus.org/u?33d71852

Plugin Details

Severity: Medium

ID: 43006

File Name: rt_session_fixation.nasl

Version: 1.17

Type: remote

Family: CGI abuses

Published: 12/4/2009

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Information

CPE: cpe:/a:bestpractical:rt

Required KB Items: installed_sw/RT

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Patch Publication Date: 11/30/2009

Vulnerability Publication Date: 11/30/2009

Reference Information

CVE: CVE-2009-4151

BID: 37162

CWE: 287

SECUNIA: 37546