Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0165

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-0165
Last Modified 07 Mar 2011 10:04:03
Published 21 Apr 2008 09:05:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0165

Summary

Cross-site request forgery (CSRF) vulnerability in Ikiwiki before 2.42 allows remote attackers to modify user preferences, including passwords, via the (1) preferences and (2) edit forms.

Vulnerable Systems

Application

  • Ikiwiki 2.41


References

XF - ikiwiki-change-password-csrf(41904)

VUPEN - ADV-2008-1297

DEBIAN - DSA-1553

SECUNIA - 29932

SECUNIA - 29907

CONFIRM - http://ikiwiki.info/security/#index31h2

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475445


Last Updated: 27 May 2016 10:46:42