A vulnerability in ipsilon was found that allows attacker to log out active
sessions of other users. This issue is related to how it tracks sessions, and
allows an unauthenticated attacker to view and terminate active sessions from
All versions of Ipsilon 2.0 before 2.0.2 are vulnerable.
All versions of Ipsilon 1.2 before 1.2.1 are vulnerable.
All versions of Ipsilon 1.1 before 1.1.2 are vulnerable.
All versions of Ipsilon 1.0 before 1.0.3 are vulnerable.
Name: Patrick Uiterwijk (Red Hat), Howard Johnson
Created attachment 1218514 [details]
Created ipsilon tracking bugs for this issue:
Affects: fedora-all [bug 1396973]
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2016:2809 https://rhn.redhat.com/errata/RHSA-2016-2809.html
*** Bug 1526610 has been marked as a duplicate of this bug. ***