CSRF vulnerability - Archiva doesn't check which form sends credentials

Details

Type: Bug
Status: Closed
Priority: Critical
Resolution: Fixed
Affects Version/s: 1.3.1
Fix Version/s: 1.3.2
Component/s: Users/Security
Labels:
None

Number of attachments :
0

Description

As reported by Anatolia Security Research Group, Apache Archiva doesn't check which form sends credentials. An attacker can create a specially crafted page and force archiva administrators to view it and change their credentials.

Vulnerability reference key: [CVE-2010-3449] Apache Archiva CSRF Vulnerability

Activity

Hide

Permalink

Maria Odea Ching added a comment - 29/Nov/10 8:46 PM

Fixed in -r1038518:

upgrade to Redback 1.2.4 where this issue was fixed
enable referrer check by default for security interceptor in Archiva

Show

Maria Odea Ching added a comment - 29/Nov/10 8:46 PM Fixed in -r1038518 : upgrade to Redback 1.2.4 where this issue was fixed enable referrer check by default for security interceptor in Archiva

People

Assignee:

Maria Odea Ching

Reporter:

Maria Odea Ching

Vote (0)

Watch (0)

Dates

Created:

29/Nov/10 8:41 PM

Updated:

29/Nov/10 8:46 PM

Resolved:

29/Nov/10 8:46 PM