
Test ID: 1.3.6.1.4.1.25623.1.0.112059
Category: Web application abuses
Title: Kallithea < 0.2 CSRF Vulnerability
Summary: A vulnerability has been found in Kallithea, allowing attackers to gain unauthorised access to the account of a logged-in user.
Description:
Summary:
A vulnerability has been found in Kallithea, allowing attackers to gain unauthorised access to the account of a logged-in user.

Vulnerability Insight:
Pages that present forms to the user and accept user input don't provide synchronisation tokens to prevent cross-site request forgery.

It is possible to change an email address of a user by tricking them into clicking a link that initiates a malicious HTTP request.

After this, the attacker can request a password reset; the reset link is then sent to the newly set email address, which the attacker controls.
The attacker then changes the email address back to the original and does not log out, keeping the session cookie.

At this point, the attacker has full access to the user's account. The user can no longer log in (the password has changed),
but may assume they forgot the password, that the account is locked out, or that it has expired. The user performs a password reset, but the attacker still has access through the retained session.
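The missing check described above is a synchroniser token on the state-changing form. The following is an added illustration, not Kallithea's code: a minimal email-change handler in its pre-fix shape (session cookie alone authorises the change) beside a fixed one that requires a per-session token; the handler names, form field names, the `/my_account/email` action path and the in-memory stores are all constructed for the demo.

```python
import hmac
import secrets

# Constructed in-memory stores standing in for session and user databases.
SESSIONS = {}
USERS = {"alice": {"email": "alice@example.invalid"}}

def login(username):
    """Open a session and issue a random per-session synchroniser token."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"user": username, "csrf": secrets.token_urlsafe(32)}
    return sid

def render_email_form(sid):
    """The legitimate page embeds the session's token as a hidden field."""
    token = SESSIONS[sid]["csrf"]
    return ('<form method="POST" action="/my_account/email">'
            f'<input type="hidden" name="csrf_token" value="{token}">'
            '<input name="email"><button>Save</button></form>')

def change_email_unprotected(sid, form):
    """Pre-fix shape: the cookie alone authorises the change, so a form
    auto-submitted from another site (browser attaches the cookie) succeeds."""
    session = SESSIONS.get(sid)
    if session is None:
        return 401
    USERS[session["user"]]["email"] = form["email"]
    return 200

def change_email_protected(sid, form):
    """Fixed shape: the POST must carry the token bound to this session.
    A cross-site page cannot read that token, so its forged POST is refused."""
    session = SESSIONS.get(sid)
    if session is None:
        return 401
    submitted = form.get("csrf_token", "")
    if not hmac.compare_digest(submitted.encode(), session["csrf"].encode()):
        return 403  # token missing, or issued to a different session
    USERS[session["user"]]["email"] = form["email"]
    return 200

def demo():
    """Replay a forged cookie-bearing POST (no token) against both handlers."""
    sid = login("alice")
    forged = {"email": "attacker@example.invalid"}  # no csrf_token field
    before = change_email_unprotected(sid, forged)
    USERS["alice"]["email"] = "alice@example.invalid"  # reset for second run
    after = change_email_protected(sid, forged)
    return before, after  # -> (200, 403)

if __name__ == "__main__":
    print(demo())
```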

Vulnerability Impact:
The vulnerability allows attackers to take over the account of an active user by using social engineering techniques.
If the user also has administrator rights, the attacker can gain full administrator access to the Kallithea instance.

Affected Software/OS:
Kallithea before version 0.2

Solution:
Upgrade to Kallithea version 0.2 or later.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-reference: BugTraq ID: 74052
Common Vulnerability Exposure (CVE) ID: CVE-2015-0276
http://www.securityfocus.com/bid/74052
http://www.openwall.com/lists/oss-security/2015/04/10/8
Copyright: Copyright (C) 2017 Greenbone Networks GmbH

© 1998-2024 E-Soft Inc. All rights reserved.