|
|
CVE Reference: CVE-2008-1106 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-1106 |
|
|
Description: The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote attackers to bypass authentication via an HTTP request that contains (1) no Referer header, or (2) a spoofed Referer header that matches an approved domain, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and force the client to download and execute arbitrary files. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/42895 ST 1020208 SREASON http://securityreason.com/securityalert/3930 SAID Secunia Advisory: SA30135 MISC http://secunia.com/secunia_research/2008-19/advisory/ BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/493170/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/493169/100/0/threaded |
|
| Return to the previous page. |
