|
Family: Debian Local Security Checks --> Category: infos
[DSA1209] DSA-1209-2 trac Vulnerability Scan
Vulnerability Scan Summary DSA-1209-2 trac
Detailed Explanation for this Vulnerability Test
It was discovered that Trac, a wiki and issue tracking system for
software development projects, performs insufficient validation against
cross-site request forgery, which might lead to a possible hacker being able
to perform manipulation of a Trac site with the rights of the
attacked Trac user.
For the stable distribution (sarge) this problem has been fixed in
version 0.8.1-3sarge7.
For the unstable distribution (sid) this problem has been fixed in
version 0.10.1-1.
We recommend that you upgrade your trac package.
Solution : http://www.debian.org/security/2006/dsa-1209
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|