CVE-2010-1325

Currently unrated

Key Information:

Vendor: Novell
Status: Suse Lifecycle Management Server
Vendor: CVE Published:; 3 September 2010

Summary

Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources report that this is a vulnerability in a product named "Apache SLMS," but that is incorrect.

References

https://bugzilla.novell.com/show_bug.cgi?id=588284

x_refsource_CONFIRM

http://www.securityfocus.com/bid/42121

vdb-entryx_refsource_BID

http://lists.opensuse.org/opensuse-security-announce/2010...

vendor-advisoryx_refsource_SUSE

Timeline

Vulnerability published
Sep 3, 2010
Vulnerability Reserved
Apr 8, 2010

Collectors

NVD DatabaseMitre Database