CVE-2011-1007
Published: 2011-02-28
Priority: low
CVSS 2.0: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
EPSS: 0.40% (31.6th percentile)
Best Practical Solutions RT before 3.8.9 does not perform certain redirect actions upon a login, which allows physically proximate attackers to obtain credentials by resubmitting the login form via the back button of a web browser on an unattended workstation after an RT logout.
Affected

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bestpractical | rt | <= 3.8.9 | — |
No detection rules found.
Bugzilla
CVE-2011-0009 [MEDIUM] CVE-2011-0009 CVE-2011-1008 CVE-2011-1007 rt3 various flaws [epel-6]
bugzilla · 2011-02-24 · CVSS 4.3
epel-6 tracking bug for rt3: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes
in the 'blocks' bugs.
[bug automatically created by: add-tracking-bugs]
Discussion:
Adding parent bug CVE-2011-1008
New bodhi update url:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=672250,679411
---
Adding parent bug CVE-2011-1007
New bodhi update url:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=672250,679411,679396
---
EPEL6 has 3.8.13, so this is resolved.
Bugzilla
CVE-2011-1008 [LOW] CVE-2011-1008 CVE-2011-1007 rt3 various flaws [fedora-all]
bugzilla · 2011-02-24 · CVSS 2.1
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=679411
Please note: this issue affects multiple supported versi
Bugzilla
CVE-2011-1007 [LOW] CVE-2011-1007 rt3: Improper management of form data resubmission upon user log out
bugzilla · 2011-02-22 · CVSS 2.1
A security flaw was found in the way the RT3 ticketing system handled resubmission of form data after the user has logged out of the browser (but not closed it).

A local attacker could use this flaw to access the user account of the victim (login without providing a password or obtain user credentials).
References:
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614575
[2] http://lists.bestpractical.com/pipermail/rt-announce/2011-February/000186.html
Upstream bug report:
[3] http://issues.bestpractical.com/Ticket/Display.html?id=15804
Upstream changeset:
[4] https://github.com/bestpractical/rt/commit/917c211820590950f7eb0521f7f43b31aeed44c4
Discussion:
This issue affects the versions of the rt3 pa
References:
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614575
- http://issues.bestpractical.com/Ticket/Display.html?id=15804
- http://lists.bestpractical.com/pipermail/rt-announce/2011-February/000186.html
- http://openwall.com/lists/oss-security/2011/02/22/12
- http://openwall.com/lists/oss-security/2011/02/22/16
- http://openwall.com/lists/oss-security/2011/02/22/6
- http://openwall.com/lists/oss-security/2011/02/23/22
- http://openwall.com/lists/oss-security/2011/02/24/7
- http://openwall.com/lists/oss-security/2011/02/24/8
- http://openwall.com/lists/oss-security/2011/02/24/9
- http://osvdb.org/71012
- http://secunia.com/advisories/43438
- http://www.vupen.com/english/advisories/2011/0475
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65771
- https://github.com/bestpractical/rt/commit/057552287159e801535e59b8fbd5bd98d1322069
- https://github.com/bestpractical/rt/commit/917c211820590950f7eb0521f7f43b31aeed44c4
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E