Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2009-1757
HistoryMay 22, 2009 - 12:00 a.m.

CVE-2009-1757

2009-05-2200:00:00
ubuntu.com
ubuntu.com
6

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

35.7%

JSON

Cross-site request forgery (CSRF) vulnerability in Transmission 1.5 before
1.53 and 1.6 before 1.61 allows remote attackers to hijack the
authentication of unspecified victims via unknown vectors.

Notes

Author Note
jdstrand 8.04 LTS does not provide a web interface 9.04 switched http implementations from shttpd to evhttpd. As a result, the upstream patch is not valid on 8.10 and a new patch needs to be written from scratch. The web interface in 8.10 is considered beta and is disabled by default. The web interface must be enabled and the user must be tricked into navigating his/her browser to a malicious site while transmission is running.
OSVersionArchitecturePackageVersionFilename
ubuntu9.04noarchtransmission< 1.51-0ubuntu3.1UNKNOWN

Related

debiancve 1
cve 1
openvas 6
prion 1
cvelist 1
nvd 1
nessus 2
ubuntu 1
debiancve
debiancve
CVE-2009-1757
2022-10-03 16:23:59
cve
cve
CVE-2009-1757
2022-10-03 16:23:59
openvas
openvas
Transmission Client Cross Site Request Forgery Vulnerability
2009-05-29 00:00:00
Transmission Client Cross Site Request Forgery Vulnerability
2009-05-29 00:00:00
Ubuntu Update for transmission vulnerabilities USN-885-1
2010-01-19 00:00:00
prion
prion
Cross site request forgery (csrf)
2009-05-22 11:52:00
cvelist
cvelist
CVE-2009-1757
2022-10-03 16:23:59
nvd
nvd
CVE-2009-1757
2009-05-22 11:52:40
nessus
nessus
Mandriva Linux Security Advisory : transmission (MDVSA-2010:013)
2010-07-30 00:00:00
Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : transmission vulnerabilities (USN-885-1)
2010-01-15 00:00:00
ubuntu
ubuntu
Transmission vulnerabilities
2010-01-18 00:00:00

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

35.7%

JSON
Related for UB:CVE-2009-1757
debiancve1cve1openvas6prion1cvelist1nvd1nessus2ubuntu1