Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Gentoo: GLSA 200612-14 Low: Trac Cross-Site Request Forgery

gentoo
Calendar Grey December 12, 2006
Dist Gentoo Esm H88
Gentoo Linux Notice: Trac has a minor CSRF vulnerability that could allow remote attackers to perform unauthorized operations.
Trac allows remote attackers to execute unauthorized actions as other users.

Summary

Gentoo Linux Security Advisory GLSA 200612-14 https://security.gentoo.org/ Severity: Low Title: Trac: Cross-site request forgery Date: December 12, 2006 Bugs: #154574 ID: 200612-14

Synopsis ======= Trac allows remote attackers to execute unauthorized actions as other users.
Background ========= Trac is a wiki and issue tracking system for software development projects.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-apps/trac < 0.10.1 >= 0.10.1
========== Trac allows users to perform certain tasks via HTTP requests without performing correct validation on those requests.
Impact ===== An attacker could entice an authenticated user to browse to a spe...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory unauthorized access security issue gentoo low severity trac csrf

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
low
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory unauthorized access security issue gentoo low severity trac csrf

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here