1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
Candidate: CVE-2012-6073
PublicDate: 2013-02-24
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6073
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20
http://www.openwall.com/lists/oss-security/2012/12/28/1
Description:
Open redirect vulnerability in Jenkins before 1.491, Jenkins LTS before
1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before
1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to
redirect users to arbitrary web sites and conduct phishing attacks via
unspecified vectors.
Ubuntu-Description:
Notes:
Bugs:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696816
Priority: medium
Discovered-by: Soroush Dalili
Assigned-to:
Patches_jenkins:
upstream_jenkins: released (1.480.1, 1.491)
hardy_jenkins: DNE
lucid_jenkins: DNE
oneiric_jenkins: ignored (reached end-of-life)
precise_jenkins: ignored (reached end-of-life)
precise/esm_jenkins: DNE (precise was needed)
quantal_jenkins: ignored (reached end-of-life)
raring_jenkins: ignored (reached end-of-life)
saucy_jenkins: ignored (reached end-of-life)
trusty_jenkins: DNE
utopic_jenkins: DNE
vivid_jenkins: DNE
vivid/stable-phone-overlay_jenkins: DNE
vivid/ubuntu-core_jenkins: DNE
wily_jenkins: DNE
xenial_jenkins: DNE
yakkety_jenkins: DNE
zesty_jenkins: DNE
devel_jenkins: DNE
|