Full Disclosure mailing list archives
[CVE-2010-3449] Apache Archiva CSRF Vulnerability
From: Deng Ching <oching () apache org>
Date: Tue, 30 Nov 2010 07:13:32 +0800
CVE-2010-3449: Apache Archiva CSRF Vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Archiva 1.0 to 1.0.3 (end of life) Archiva 1.1 to 1.1.4 (end of life) Archiva 1.2 to 1.2.2 (end of life) Archiva 1.3 to 1.3.1 Description: Apache Archiva doesn't check which form sends credentials. An attacker can create a specially crafted page and force archiva administrators to view it and change their credentials. To fix this, a referrer check was added to the security interceptor for all secured actions. A prompt for the administrator's password when changing a user account was also set in place. Mitigation: All users should upgrade to 1.3.2 (http://archiva.apache.org/download.html) Credit: This issue was discovered by Anatolia Security Research Group References: http://archiva.apache.org/security.html Thanks, The Apache Archiva Team _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [CVE-2010-3449] Apache Archiva CSRF Vulnerability Deng Ching (Nov 30)