[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2018-950

ID: oval:org.secpod.oval:def:1600832Date: (C)2018-02-12   (M)2022-08-29
Class: PATCHFamily: unix




Transmission relies on X-Transmission-Session-Id for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS rebinding attack

Platform:
Amazon Linux AMI
Product:
transmission
Reference:
ALAS-2018-950
CVE-2018-5702
CVE    1
CVE-2018-5702
CPE    2
cpe:/o:amazon:linux
cpe:/a:transmissionbt:transmission

© SecPod Technologies