CVE-2008-6585

Publication date 3 April 2009

Last updated 24 July 2024


Ubuntu priority

Cross-site request forgery (CSRF) vulnerability in html/admin.php in TorrentFlux 2.3 allows remote attackers to hijack the authentication of administrators for requests that add new accounts via the addUser action.

Read the notes from the security team

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
torrentflux 9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid
Not affected
8.04 LTS hardy
Not affected
7.10 gutsy Ignored end of life, was needed
6.06 LTS dapper Not in release

Notes


mdeslaur

Debian packaging has a different directory layout rendering it not-affected.