Ubuntu Update For Transmission Vulnerabilities USN-885-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-885-1

Solution

Please Install the Updated Packages.

Insight

It was discovered that the Transmission web interface was vulnerable to cross-site request forgery (CSRF) attacks. If a user were tricked into opening a specially crafted web page in a browser while Transmission was running, an attacker could trigger commands in Transmission. This issue affected Ubuntu 9.04. (CVE-2009-1757) Dan Rosenberg discovered that Transmission did not properly perform input validation when processing torrent files. If a user were tricked into opening a crafted torrent file, an attacker could overwrite files via directory traversal. (CVE-2010-0012)

Affected

transmission vulnerabilities on Ubuntu 8.04 LTS , Ubuntu 8.10 , Ubuntu 9.04 , Ubuntu 9.10

Severity

Classification

CVE CVE-2009-1757, CVE-2010-0012

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for apache2 USN-1765-1
Ubuntu Update for curl USN-1894-1
Ubuntu Update for awstats vulnerability USN-686-1
Ubuntu Update for curl USN-2346-1
Ubuntu Update for acpi-support USN-2297-1

Ubuntu Update for transmission vulnerabilities USN-885-1

Take action and discover your vulnerabilities