vendor:
Sun Solaris
by:
Unknown
5.5
CVSS
MEDIUM
Cross-Site Request Forgery
Unknown
CWE
Product Name: Sun Solaris
Affected Version From: Sun Solaris 10 10/09 and OpenSolaris 2009.06
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: Unknown
Platforms Tested: Unknown
Unknown
Cross-Site Request Forgery Vulnerability in Sun Solaris ‘in.ftpd’ FTP Server
The Sun Solaris 'in.ftpd' FTP server is prone to a security vulnerability that allows attackers to perform cross-site request-forgery attacks. An attacker can exploit this issue to perform unauthorized actions by enticing a logged-in user to visit a malicious site. This may lead to further attacks.
Mitigation:
No specific mitigation or remediation mentioned.