7 matches found
Apache Archiva 1.0 - 1.3.1 CSRF Vulnerability
No description provided by source. ANATOLIA SECURITY ADVISORY -------------------------------------- ADVISORY INFO + Title: Apache Archiva Cross-site Request Forgery Vulnerability + Advisory URL: http://www.anatoliasecurity.com/adv/as-adv-2010-001.txt + Advisory ID: 2010-001 + Versions: Archiva 1...
[SECURITY] CVE-2010-3449: Apache Continuum CSRF vulnerability
CVE-2010-3449: Apache Continuum CSRF vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Continuum 1.3.6 Continuum 1.4.0 Beta The unsupported versions Continuum 1.1 - 1.2.3.1 are also affected. Description: Administrators are able to change any user's...
Apache Archiva 1.0 1.3.1 - Cross-Site Request Forgery
Apache Archiva 1.0 1.3.1 - Cross-Site Request Forgery ANATOLIA SECURITY ADVISORY -------------------------------------- ADVISORY INFO + Title: Apache Archiva Cross-site Request Forgery Vulnerability + Advisory URL: http://www.anatoliasecurity.com/adv/as-adv-2010-001.txt + Advisory ID: 2010-001 +...
Apache Archiva 1.0 < 1.3.1 - Cross-Site Request Forgery
ANATOLIA SECURITY ADVISORY -------------------------------------- ADVISORY INFO + Title: Apache Archiva Cross-site Request Forgery Vulnerability + Advisory URL: http://www.anatoliasecurity.com/adv/as-adv-2010-001.txt + Advisory ID: 2010-001 + Versions: Archiva 1.0 to 1.3.1 + Date: 29/09/2010 +...
CVE-2010-3449
Cross-site request forgery CSRF vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1; and Apache Continuum 1.3.6, 1.4.0, and 1.1 through 1.2.3.1; allows remote attackers to hijack the authentication of...
Cross site request forgery (csrf)
Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1 does not require entry of the administrator's password at the time of modifying a user account, which makes it easier for context-dependent attackers to gain privileges by leveraging a 1 unattended...
CVE-2010-3449
CVE-2010-3449 is a CSRF flaw in Redback (used by Apache Archiva and Apache Continuum) that allows an attacker to hijack administrator sessions to modify credentials. Affected products include Archiva 1.0–1.3.1 (and related Continuum versions) with Redback versions before 1.2.4 used for authentica...