"If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked - Richard Clarke"

RSS

HIO-2010-0426 Snare Agent Web Interface CSRF Vulnerability

The web management interface for various Intersect Alliance Snare Agents and Epilog is vulnerable to cross-site request forgery attacks.

The applications allow users to perform certain actions via HTTP requests without any check that the request was intentionally submitted by the logged-in user. This can be exploited to e.g. change the password or remote listening port by tricking a user into visiting a specially crafted link.

Successful exploitation requires that the web-based configuration capability is turned on.
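As an added illustration of the flaw described above (not code from the vendor or from this advisory): a hypothetical Python model of the web interface's password/port change handler, first as the advisory describes it and then with a per-session anti-CSRF token check. All names and sample values are assumptions.

```python
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Session:
    """Hypothetical logged-in web session (constructed; not the agent's real code)."""
    authenticated: bool
    # Per-session secret; a page on another origin cannot read it.
    csrf_token: str = field(default_factory=lambda: secrets.token_hex(32))


def default_config():
    """Constructed sample of the two settings the advisory names."""
    return {"password": "initial", "remote_port": 6161}


def apply_settings(form, config):
    """Shared update logic with basic input validation."""
    if "password" in form:
        config["password"] = form["password"]
    if "remote_port" in form:
        port = int(form["remote_port"])
        if not 1 <= port <= 65535:
            raise ValueError("port out of range")
        config["remote_port"] = port


def change_settings_vulnerable(session, form, config):
    """Flawed handler: the session cookie alone authorises the change, so a
    request triggered by a third-party page is indistinguishable from a
    deliberate one. This mirrors the behaviour the advisory describes."""
    if not session.authenticated:
        return False
    apply_settings(form, config)
    return True


def change_settings_hardened(session, form, config):
    """Fixed handler: the form must echo the session's anti-CSRF token.
    Constant-time compare avoids leaking the token through timing."""
    if not session.authenticated:
        return False
    if not hmac.compare_digest(form.get("csrf_token", ""), session.csrf_token):
        return False  # reject before touching any setting
    apply_settings(form, config)
    return True
```

A submission arriving without the token, as one triggered from another origin would, is refused by the hardened handler while the flawed one applies it.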

The vulnerability is reported in the following products and versions:
* Snare for Solaris 3.2.3 and prior
* Snare for Windows 3.1.7 and prior
* Snare for Linux 1.5.0 and prior
* Snare for AIX 1.5.0 and prior
* Snare for Irix 1.4 and prior
* Epilog for Windows 1.5.3 and prior
* Epilog for Unix version 1.2 and prior

Updates are available from the vendor.

References:

CVE-2010-2594

BID: 41226

OSVDB: 65829

SA: 39562

XF: 59874

Vendor Solution: Update
