CVE-2010-2594: CSRF
First published: Thu Jul 01 2010(Updated: )
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5.3 and earlier on Windows, and Snare Epilog 1.2 and earlier on UNIX allow remote attackers to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| InterSect Alliance Snare Agent | <=3.2.3 | |
| InterSect Alliance Snare Agent | =2.0 | |
| InterSect Alliance Snare Agent | =2.1 | |
| InterSect Alliance Snare Agent | =2.3 | |
| InterSect Alliance Snare Agent | =2.4 | |
| InterSect Alliance Snare Agent | =2.5 | |
| InterSect Alliance Snare Agent | =2.5.2 | |
| InterSect Alliance Snare Agent | =2.5.3 | |
| InterSect Alliance Snare Agent | =2.5.4 | |
| InterSect Alliance Snare Agent | =2.5.6 | |
| InterSect Alliance Snare Agent | =2.5.7 | |
| InterSect Alliance Snare Agent | =3.0.0 | |
| InterSect Alliance Snare Agent | =3.1.0 | |
| InterSect Alliance Snare Agent | =3.2.0 | |
| InterSect Alliance Snare Agent | =3.2.1 | |
| InterSect Alliance Snare Agent | =3.2.2 | |
| Sun Solaris | ||
| InterSect Alliance Snare Agent | <=3.1.7 | |
| InterSect Alliance Snare Agent | =3.1.2 | |
| InterSect Alliance Snare Agent | =3.1.3 | |
| InterSect Alliance Snare Agent | =3.1.4 | |
| InterSect Alliance Snare Agent | =3.1.5 | |
| InterSect Alliance Snare Agent | =3.1.6 | |
| Microsoft Windows 2000 | ||
| Microsoft Windows 2003 Server | ||
| Microsoft Windows XP | ||
| InterSect Alliance Snare Agent | <=1.5.0 | |
| InterSect Alliance Snare Agent | =0.9.2 | |
| InterSect Alliance Snare Agent | =0.9.6 | |
| InterSect Alliance Snare Agent | =0.9.7 | |
| InterSect Alliance Snare Agent | =0.9.7a | |
| InterSect Alliance Snare Agent | =0.9.8 | |
| InterSect Alliance Snare Agent | =1.0 | |
| InterSect Alliance Snare Agent | =1.1 | |
| InterSect Alliance Snare Agent | =1.2 | |
| InterSect Alliance Snare Agent | =1.3 | |
| InterSect Alliance Snare Agent | =1.4 | |
| InterSect Alliance Snare Agent | =1.4.1 | |
| Linux Linux | ||
| InterSect Alliance Snare Agent | <=1.4 | |
| SGI IRIX | ||
| InterSect Alliance SNARE Epilog | <=1.5.3 | |
| InterSect Alliance SNARE Epilog | =1.1 | |
| InterSect Alliance SNARE Epilog | =1.2 | |
| InterSect Alliance SNARE Epilog | =1.3 | |
| InterSect Alliance SNARE Epilog | =1.3.1 | |
| InterSect Alliance SNARE Epilog | =1.3.3 | |
| InterSect Alliance SNARE Epilog | =1.4.0 | |
| InterSect Alliance SNARE Epilog | =1.5.0 | |
| InterSect Alliance SNARE Epilog | =1.5.1 | |
| InterSect Alliance SNARE Epilog | =1.5.2 | |
| Microsoft Windows | ||
| InterSect Alliance SNARE Epilog | <=1.2 | |
| Unix Unix | ||
| IBM AIX | ||
| InterSect Alliance Snare Agent | <=1.1.4 | |
| InterSect Alliance Snare Agent | =1.0.1 | |
| InterSect Alliance Snare Agent | =1.1.0 | |
| InterSect Alliance Snare Agent | =1.1.1 | |
| InterSect Alliance Snare Agent | =1.1.2 | |
| Microsoft Windows 7 | ||
| Microsoft Windows Server 2008 | ||
| Microsoft Windows Vista | ||
| All of | ||
| Any of | ||
| InterSect Alliance Snare Agent | <=3.2.3 | |
| InterSect Alliance Snare Agent | =2.0 | |
| InterSect Alliance Snare Agent | =2.1 | |
| InterSect Alliance Snare Agent | =2.3 | |
| InterSect Alliance Snare Agent | =2.4 | |
| InterSect Alliance Snare Agent | =2.5 | |
| InterSect Alliance Snare Agent | =2.5.2 | |
| InterSect Alliance Snare Agent | =2.5.3 | |
| InterSect Alliance Snare Agent | =2.5.4 | |
| InterSect Alliance Snare Agent | =2.5.6 | |
| InterSect Alliance Snare Agent | =2.5.7 | |
| InterSect Alliance Snare Agent | =3.0.0 | |
| InterSect Alliance Snare Agent | =3.1.0 | |
| InterSect Alliance Snare Agent | =3.2.0 | |
| InterSect Alliance Snare Agent | =3.2.1 | |
| InterSect Alliance Snare Agent | =3.2.2 | |
| Sun Solaris | ||
| All of | ||
| Any of | ||
| InterSect Alliance Snare Agent | <=3.1.7 | |
| InterSect Alliance Snare Agent | =3.0.0 | |
| InterSect Alliance Snare Agent | =3.1.0 | |
| InterSect Alliance Snare Agent | =3.1.2 | |
| InterSect Alliance Snare Agent | =3.1.3 | |
| InterSect Alliance Snare Agent | =3.1.4 | |
| InterSect Alliance Snare Agent | =3.1.5 | |
| InterSect Alliance Snare Agent | =3.1.6 | |
| Any of | ||
| Microsoft Windows 2000 | ||
| Microsoft Windows 2003 Server | ||
| Microsoft Windows XP | ||
| All of | ||
| Any of | ||
| InterSect Alliance Snare Agent | <=1.5.0 | |
| InterSect Alliance Snare Agent | =0.9.2 | |
| InterSect Alliance Snare Agent | =0.9.6 | |
| InterSect Alliance Snare Agent | =0.9.7 | |
| InterSect Alliance Snare Agent | =0.9.7a | |
| InterSect Alliance Snare Agent | =0.9.8 | |
| InterSect Alliance Snare Agent | =1.0 | |
| InterSect Alliance Snare Agent | =1.1 | |
| InterSect Alliance Snare Agent | =1.2 | |
| InterSect Alliance Snare Agent | =1.3 | |
| InterSect Alliance Snare Agent | =1.4 | |
| InterSect Alliance Snare Agent | =1.4.1 | |
| Linux Linux kernel | ||
| All of | ||
| Any of | ||
| InterSect Alliance Snare Agent | <=1.4 | |
| InterSect Alliance Snare Agent | =1.0 | |
| InterSect Alliance Snare Agent | =1.2 | |
| InterSect Alliance Snare Agent | =1.3 | |
| SGI IRIX | ||
| All of | ||
| Any of | ||
| InterSect Alliance SNARE Epilog | <=1.5.3 | |
| InterSect Alliance SNARE Epilog | =1.1 | |
| InterSect Alliance SNARE Epilog | =1.2 | |
| InterSect Alliance SNARE Epilog | =1.3 | |
| InterSect Alliance SNARE Epilog | =1.3.1 | |
| InterSect Alliance SNARE Epilog | =1.3.3 | |
| InterSect Alliance SNARE Epilog | =1.4.0 | |
| InterSect Alliance SNARE Epilog | =1.5.0 | |
| InterSect Alliance SNARE Epilog | =1.5.1 | |
| InterSect Alliance SNARE Epilog | =1.5.2 | |
| Microsoft Windows | ||
| All of | ||
| Any of | ||
| InterSect Alliance SNARE Epilog | <=1.2 | |
| InterSect Alliance SNARE Epilog | =1.1 | |
| Unix Unix | ||
| All of | ||
| Any of | ||
| InterSect Alliance Snare Agent | <=1.5.0 | |
| InterSect Alliance Snare Agent | =1.0 | |
| InterSect Alliance Snare Agent | =1.2 | |
| InterSect Alliance Snare Agent | =1.3 | |
| InterSect Alliance Snare Agent | =1.4 | |
| IBM AIX | ||
| All of | ||
| Any of | ||
| InterSect Alliance Snare Agent | <=1.1.4 | |
| InterSect Alliance Snare Agent | =1.0 | |
| InterSect Alliance Snare Agent | =1.0.1 | |
| InterSect Alliance Snare Agent | =1.1.0 | |
| InterSect Alliance Snare Agent | =1.1.1 | |
| InterSect Alliance Snare Agent | =1.1.2 | |
| Any of | ||
| Microsoft Windows 7 | ||
| Microsoft Windows Server 2008 | ||
| Microsoft Windows Vista |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- agent/references
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/softwarecombine
- agent/severity
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- vendor/intersect alliance
- canonical/intersect alliance snare agent
- version/intersect alliance snare agent/3.2.3
- version/intersect alliance snare agent/2.0
- version/intersect alliance snare agent/2.1
- version/intersect alliance snare agent/2.3
- version/intersect alliance snare agent/2.4
- version/intersect alliance snare agent/2.5
- version/intersect alliance snare agent/2.5.2
- version/intersect alliance snare agent/2.5.3
- version/intersect alliance snare agent/2.5.4
- version/intersect alliance snare agent/2.5.6
- version/intersect alliance snare agent/2.5.7
- version/intersect alliance snare agent/3.0.0
- version/intersect alliance snare agent/3.1.0
- version/intersect alliance snare agent/3.2.0
- version/intersect alliance snare agent/3.2.1
- version/intersect alliance snare agent/3.2.2
- vendor/sun
- canonical/sun solaris
- version/intersect alliance snare agent/3.1.7
- version/intersect alliance snare agent/3.1.2
- version/intersect alliance snare agent/3.1.3
- version/intersect alliance snare agent/3.1.4
- version/intersect alliance snare agent/3.1.5
- version/intersect alliance snare agent/3.1.6
- vendor/microsoft
- canonical/microsoft windows 2000
- canonical/microsoft windows 2003 server
- canonical/microsoft windows xp
- version/intersect alliance snare agent/1.5.0
- version/intersect alliance snare agent/0.9.2
- version/intersect alliance snare agent/0.9.6
- version/intersect alliance snare agent/0.9.7
- version/intersect alliance snare agent/0.9.7a
- version/intersect alliance snare agent/0.9.8
- version/intersect alliance snare agent/1.0
- version/intersect alliance snare agent/1.1
- version/intersect alliance snare agent/1.2
- version/intersect alliance snare agent/1.3
- version/intersect alliance snare agent/1.4
- version/intersect alliance snare agent/1.4.1
- vendor/linux
- canonical/linux linux kernel
- vendor/sgi
- canonical/sgi irix
- canonical/intersect alliance snare epilog
- version/intersect alliance snare epilog/1.5.3
- version/intersect alliance snare epilog/1.1
- version/intersect alliance snare epilog/1.2
- version/intersect alliance snare epilog/1.3
- version/intersect alliance snare epilog/1.3.1
- version/intersect alliance snare epilog/1.3.3
- version/intersect alliance snare epilog/1.4.0
- version/intersect alliance snare epilog/1.5.0
- version/intersect alliance snare epilog/1.5.1
- version/intersect alliance snare epilog/1.5.2
- canonical/microsoft windows
- vendor/unix
- canonical/unix unix
- vendor/ibm
- canonical/ibm aix
- version/intersect alliance snare agent/1.1.4
- version/intersect alliance snare agent/1.0.1
- version/intersect alliance snare agent/1.1.0
- version/intersect alliance snare agent/1.1.1
- version/intersect alliance snare agent/1.1.2
- canonical/microsoft windows 7
- canonical/microsoft windows server 2008
- canonical/microsoft windows vista
- canonical/linux linux