[Forgot Password]
Login  Register Subscribe

23631

 
 

126998

 
 

102010

 
 

909

 
 

80911

 
 

121

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2018-950

ID: oval:org.secpod.oval:def:1600832Date: (C)2018-02-12   (M)2018-02-12
Class: PATCHFamily: unix




Transmission relies on X-Transmission-Session-Id for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS rebinding attack

Platform:
Amazon Linux AMI
Product:
transmission
Reference:
ALAS-2018-950
CVE-2018-5702
CVE    1
CVE-2018-5702
CPE    5
cpe:/o:amazon:linux
cpe:/a:transmissionbt:transmission
cpe:/o:debian:debian_linux:9.0
cpe:/o:debian:debian_linux:7.0
...

© 2013 SecPod Technologies