Lucene search
UbuntuUSN-885-1HistoryJan 18, 2010 - 12:00 a.m.
Transmission vulnerabilities
2010-01-1800:00:00
ubuntu.com
32
Releases
- Ubuntu 9.10
- Ubuntu 9.04
- Ubuntu 8.10
- Ubuntu 8.04
Packages
- transmission -
Details
It was discovered that the Transmission web interface was vulnerable to
cross-site request forgery (CSRF) attacks. If a user were tricked into
opening a specially crafted web page in a browser while Transmission was
running, an attacker could trigger commands in Transmission. This issue
affected Ubuntu 9.04. (CVE-2009-1757)
Dan Rosenberg discovered that Transmission did not properly perform input
validation when processing torrent files. If a user were tricked into
opening a crafted torrent file, an attacker could overwrite files via
directory traversal. (CVE-2010-0012)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 9.10 | noarch | transmission-gtk | < 1.75-0ubuntu2.2 | UNKNOWN |
| Ubuntu | 9.10 | noarch | transmission-cli | < 1.75-0ubuntu2.2 | UNKNOWN |
| Ubuntu | 9.10 | noarch | transmission-daemon | < 1.75-0ubuntu2.2 | UNKNOWN |
| Ubuntu | 9.10 | noarch | transmission-qt | < 1.75-0ubuntu2.2 | UNKNOWN |
| Ubuntu | 9.04 | noarch | transmission-gtk | < 1.51-0ubuntu3.1 | UNKNOWN |
| Ubuntu | 9.04 | noarch | transmission-cli | < 1.51-0ubuntu3.1 | UNKNOWN |
| Ubuntu | 9.04 | noarch | transmission-daemon | < 1.51-0ubuntu3.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | transmission-gtk | < 1.34-0ubuntu2.3 | UNKNOWN |
| Ubuntu | 8.10 | noarch | transmission-cli | < 1.34-0ubuntu2.3 | UNKNOWN |
| Ubuntu | 8.04 | noarch | transmission-gtk | < 1.06-0ubuntu6.1 | UNKNOWN |
Related
nessus
nessus
Mandriva Linux Security Advisory : transmission (MDVSA-2010:013)
2010-07-30 00:00:00
openSUSE Security Update : transmission (transmission-1777)
2010-01-22 00:00:00
openvas
openvas
Ubuntu Update for transmission vulnerabilities USN-885-1
2010-01-19 00:00:00
Mandriva Update for transmission MDVSA-2010:013 (transmission)
2010-01-20 00:00:00
Mandriva Update for transmission MDVSA-2010:013 (transmission)
2010-01-20 00:00:00
debiancve
debiancve
CVE-2009-1757
2009-05-22 11:52:00
CVE-2010-0012
2010-01-08 17:30:00
prion
prion
Cross site request forgery (csrf)
2009-05-22 11:52:00
Directory traversal
2010-01-08 17:30:00
ubuntucve
ubuntucve
CVE-2009-1757
2009-05-22 00:00:00
CVE-2010-0012
2010-01-08 00:00:00
cve
cve
CVE-2009-1757
2009-05-22 11:52:00
CVE-2010-0012
2010-01-08 17:30:00
cvelist
cvelist
CVE-2009-1757
2022-10-03 16:23:59
CVE-2010-0012
2010-01-08 17:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1967-1] New transmission packages fix directory traversal
2010-01-08 00:00:00
Transmission bittorent client directory traversal
2010-01-08 00:00:00
debian
debian
[Backports-security-announce] Security update for transmission
2010-01-30 18:09:41
[SECURITY] [DSA 1967-1] New transmission packages fix directory traversal
2010-01-07 19:42:23
[Backports-security-announce] Security update for transmission
2010-01-30 18:51:29
seebug
seebug
Transmission任意文件覆盖漏洞
2010-01-12 00:00:00
altlinux
altlinux
osv
osv
transmission - directory traversal
2010-01-07 00:00:00
suse
suse
remote code execution in acroread
2010-01-26 16:40:23