CVE-2010-3902

N/A Unknown

Published: October 14, 2010 Modified: April 29, 2026

Description

OpenConnect before 2.26 places the webvpn cookie value in the debugging output, which might allow remote attackers to obtain sensitive information by reading this output, as demonstrated by output posted to the public openconnect-devel mailing list.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051620.html

Source: cve@mitre.org

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051637.html

Source: cve@mitre.org

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051640.html

Source: cve@mitre.org

http://secunia.com/advisories/42381

Source: cve@mitre.org

http://www.infradead.org/openconnect.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/44111

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2010/3078

Source: cve@mitre.org

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051620.html