On Tue, Dec 09, 2014 at 08:56:21PM -0600, Gunnar Wolf wrote: > Moritz Mühlenhoff dijo [Tue, Dec 09, 2014 at 10:17:14PM +0100]: > > > > I'm getting in touch with the authors right now. Thanks! > > > > > > http://collabtive.o-dyn.de/forum/viewtopic.php?f=11&t=8479 > > > > Gunnar, > > is this fixed in the version in jessie? > > Sorry for the delay for this reply! > > I can confirm you that, from the three attacks mentioned in > exploit-db¹, attacks 1 and 3 do not work. As for attack 2 (the CSRF), > the description just reads: > > Technically, attacker can create a specially crafted page and > force collabtive administrators to visit it and can gain > administrative privilege. For prevention from CSRF > vulnerabilities, application needs anti-csrf token, captcha and > asking old password for critical actions. > > The refered site for the POC exploit² no longer exists, so I cannot > confirm whether it has been fixed or not. I can see from the forum > post you linked to that the author does not believe it to be a > realistic, important enough issue to worry about.
I've updated the security tracker, I suggest we go ahead and close this bug, no need to keep this open. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org