The SATAN session key may be disclosed if the user points the web browser to other sites, possibly allowing root access. Date published : 2000-01-04