Ubuntu Update For Transmission Vulnerabilities USN-885-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-885-1

Solution

Please Install the Updated Packages.

Insight

It was discovered that the Transmission web interface was vulnerable to cross-site request forgery (CSRF) attacks. If a user were tricked into opening a specially crafted web page in a browser while Transmission was running, an attacker could trigger commands in Transmission. This issue affected Ubuntu 9.04. (CVE-2009-1757) Dan Rosenberg discovered that Transmission did not properly perform input validation when processing torrent files. If a user were tricked into opening a crafted torrent file, an attacker could overwrite files via directory traversal. (CVE-2010-0012)

Affected

transmission vulnerabilities on Ubuntu 8.04 LTS , Ubuntu 8.10 , Ubuntu 9.04 , Ubuntu 9.10

Severity

Classification

CVE CVE-2009-1757, CVE-2010-0012
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for clamav vulnerability USN-684-1
Ubuntu Update for apt USN-2353-1
Ubuntu Update for bind9 vulnerabilities USN-1025-1
Ubuntu Update for clamav USN-2157-1
Ubuntu Update for awstats vulnerability USN-1047-1

Ubuntu Update for transmission vulnerabilities USN-885-1

Take action and discover your vulnerabilities