Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 6.8
CVE Id CVE-2011-1403
Last Modified 23 Aug 2011 11:16:54
Published 13 May 2011 06:55:01
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1403

Summary

Cross-site request forgery (CSRF) vulnerability in the pieforms implementation in Mahara before 1.3.6 allows remote attackers to hijack the authentication of arbitrary users for requests to any form, related to inappropriate regeneration of session keys.

Vulnerable Systems

Application

  • Mahara 0.9.0

  • Mahara 0.9.1

  • Mahara 0.9.2

  • Mahara 1.0.0

  • Mahara 1.0.1

  • Mahara 1.0.10

  • Mahara 1.0.11

  • Mahara 1.0.12

  • Mahara 1.0.13

  • Mahara 1.0.14

  • Mahara 1.0.15

  • Mahara 1.0.2

  • Mahara 1.0.3

  • Mahara 1.0.4

  • Mahara 1.0.5

  • Mahara 1.0.6

  • Mahara 1.0.7

  • Mahara 1.0.8

  • Mahara 1.0.9

  • Mahara 1.1

  • Mahara 1.1.0

  • Mahara 1.1.1

  • Mahara 1.1.2

  • Mahara 1.1.3

  • Mahara 1.1.4

  • Mahara 1.1.5

  • Mahara 1.1.6

  • Mahara 1.1.7

  • Mahara 1.1.8

  • Mahara 1.1.9

  • Mahara 1.2.0

  • Mahara 1.2.1

  • Mahara 1.2.2

  • Mahara 1.2.3

  • Mahara 1.2.4

  • Mahara 1.2.5

  • Mahara 1.2.6

  • Mahara 1.3.0

  • Mahara 1.3.1

  • Mahara 1.3.2

  • Mahara 1.3.3

  • Mahara 1.3.4

  • Mahara 1.3.5


References

CONFIRM - https://launchpad.net/mahara/+milestone/1.3.6

CONFIRM - https://launchpad.net/mahara/+bug/771598

XF - mahara-unspecified-csrf(67398)

BID - 47798

DEBIAN - DSA-2246

SECUNIA - 44433


Last Updated: 27 May 2016 10:56:18