12 matches found
Mageia: Security Advisory (MGASA-2018-0230)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-201806-07 : Transmission: Remote code execution
The remote host is affected by the vulnerability described in GLSA-201806-07 Transmission: Remote code execution A vulnerability was discovered in how Transmission handles access control through the X-Transmission-Session-Id. Impact : A remote attacker could execute arbitrary RFC commands or...
Fedora Update for transmission FEDORA-2018-b166805347
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: transmission
Issue Overview: Transmission relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a D...
Debian: Security Advisory (DLA-1246-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1246-1] transmission security update
Package : transmission Version : 2.52-3+nmu3 CVE ID : CVE-2018-5702 Debian Bug : 886990 Tavis Ormandy discovered a vulnerability in the Transmission BitTorrent client; insecure RPC handling between the Transmission daemon and the client interfaces may result in the execution of arbitrary code if ...
Fedora 27 : transmission (2018-d1e263e68e)
Security fix for CVE-2018-5702 Mitigate dns rebinding attacks against daemon Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
[ASA-201801-13] transmission-cli: arbitrary command execution
Arch Linux Security Advisory ASA-201801-13 ========================================== Severity: High Date : 2018-01-17 CVE-ID : CVE-2018-5702 Package : transmission-cli Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-588 Summary ======= The package...
DEBIAN-CVE-2018-5702
Transmission through 2.92 relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS...
CVE-2018-5702
Transmission through 2.92 relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS...
CVE-2018-5702
Transmission 2.92 and earlier versions rely on X-Transmission-Session-Id for access control, which is not a forbidden header for Fetch. This allows remote attackers to execute arbitrary RPC commands and write arbitrary files via POST to /transmission/rpc when combined with a DNS rebinding attack....
CVE-2018-5702
creationtimestamp| type| source ---|---|--- 2018-01-11 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43665 2018-01-16 10:48:53+00:00| seen| https://t.me/SecLabNews/1303...