Posted to issues@archiva.apache.org by "Maria Odea Ching (JIRA)" <ji...@codehaus.org> on 2010/11/30 03:43:04 UTC

[jira] Created: (MRM-1438) CSRF vulnerability - Archiva doesn't check which form sends credentials

CSRF vulnerability - Archiva doesn't check which form sends credentials
-----------------------------------------------------------------------

                 Key: MRM-1438
                 URL: http://jira.codehaus.org/browse/MRM-1438
             Project: Archiva
          Issue Type: Bug
          Components: Users/Security
    Affects Versions: 1.3.1
            Reporter: Maria Odea Ching
            Priority: Critical


As reported by Anatolia Security Research Group, Apache Archiva doesn't check which form sends credentials. An attacker can create a specially crafted page and force Archiva administrators to view it and change their credentials.

Vulnerability reference key: [CVE-2010-3449] Apache Archiva CSRF Vulnerability

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira


[jira] Closed: (MRM-1438) CSRF vulnerability - Archiva doesn't check which form sends credentials

Posted by "Maria Odea Ching (JIRA)" <ji...@codehaus.org>.
     [ http://jira.codehaus.org/browse/MRM-1438?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Maria Odea Ching closed MRM-1438.
---------------------------------

       Resolution: Fixed
    Fix Version/s: 1.3.2
         Assignee: Maria Odea Ching

Fixed in [-r1038518|http://svn.apache.org/viewvc?view=revision&revision=1038518]:
* upgrade to Redback 1.2.4 where this issue was fixed
* enable referrer check by default for security interceptor in Archiva

> CSRF vulnerability - Archiva doesn't check which form sends credentials
> -----------------------------------------------------------------------
>
>                 Key: MRM-1438
>                 URL: http://jira.codehaus.org/browse/MRM-1438
>             Project: Archiva
>          Issue Type: Bug
>          Components: Users/Security
>    Affects Versions: 1.3.1
>            Reporter: Maria Odea Ching
>            Assignee: Maria Odea Ching
>            Priority: Critical
>             Fix For: 1.3.2
>
>
> As reported by Anatolia Security Research Group, Apache Archiva doesn't check which form sends credentials. An attacker can create a specially crafted page and force Archiva administrators to view it and change their credentials.
> Vulnerability reference key: [CVE-2010-3449] Apache Archiva CSRF Vulnerability

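The referrer check that the fix above enables, as an added illustration rather than the Redback or Archiva code itself: a state-changing request is allowed only when the Referer header's scheme, host and effective port match the application's own, and a request with no Referer at all is rejected, which is the trade-off such a check makes for clients that strip the header. The class name, method names and sample URLs are assumptions.

```java
import java.net.URI;
import java.net.URISyntaxException;

/** Added illustration of a Referer-based CSRF check; not Redback/Archiva code. */
public final class ReferrerCheck {
    /**
     * Decide whether a request may proceed. Only state-changing methods are
     * checked; a form submitted from another site carries that site's origin in
     * Referer, and a missing Referer cannot prove same-origin, so it is rejected.
     */
    public static boolean isAllowed(String method, String requestUrl, String referer) {
        if ("GET".equals(method) || "HEAD".equals(method) || "OPTIONS".equals(method)) {
            return true; // safe methods do not change state
        }
        if (referer == null || referer.isEmpty()) {
            return false; // origin cannot be verified: reject (the strict default)
        }
        try {
            return sameOrigin(new URI(requestUrl), new URI(referer));
        } catch (URISyntaxException e) {
            return false; // malformed header values are treated as foreign
        }
    }

    /** Origin comparison: scheme, host and effective port; the path is irrelevant. */
    static boolean sameOrigin(URI a, URI b) {
        if (a.getScheme() == null || b.getScheme() == null
                || a.getHost() == null || b.getHost() == null) {
            return false;
        }
        return a.getScheme().equalsIgnoreCase(b.getScheme())
                && a.getHost().equalsIgnoreCase(b.getHost())
                && effectivePort(a) == effectivePort(b);
    }

    static int effectivePort(URI u) {
        if (u.getPort() != -1) return u.getPort();
        return "https".equalsIgnoreCase(u.getScheme()) ? 443 : 80;
    }

    public static void main(String[] args) {
        // Constructed sample values; hostnames and paths are placeholders.
        String target = "http://archiva.example:8080/app/changePassword";
        System.out.println("own form:   " + isAllowed("POST", target,
                "http://archiva.example:8080/app/account"));
        System.out.println("other site: " + isAllowed("POST", target,
                "http://other.example/page.html"));
        System.out.println("no Referer: " + isAllowed("POST", target, null));
    }
}
```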