CVE-2014-4691 Information

Description

Session fixation vulnerability in pfSense before 2.1.4 allows remote attackers to hijack web sessions via a firewall login cookie.

Reference

https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc