Multiple Snare Agents Web Interface Cross Site Request Forgery Vulnerability

Multiple Snare agents are prone to a cross-site request-forgery vulnerability.

Attackers can exploit this issue to perform certain administrative actions and gain unauthorized access to the affected application.

The following products are affected:

Snare for Solaris 3.2.3 and prior
Snare for Windows 3.1.7 and prior
Snare for Linux 1.5.0 and prior
Snare for AIX 1.5.0 and prior
Snare for Irix 1.4 and prior
Epilog for Windows 1.5.3 and prior
Epilog for Unix version 1.2 and prior


Privacy Statement
Copyright 2010, SecurityFocus