<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia
| Rendered using Apache Maven Fluido Skin 1.3.1
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20150226" />
<meta http-equiv="Content-Language" content="en" />
<title>Archiva - Security Vulnerabilities</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.3.1.min.css" />
<link rel="stylesheet" href="./css/site.css" />
<link rel="stylesheet" href="./css/print.css" media="print" />
<script type="text/javascript" src="./js/apache-maven-fluido-1.3.1.min.js"></script>
<script type="text/javascript">var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script>
<script type="text/javascript">var pageTracker = _gat._getTracker("UA-140879-5");
pageTracker._initData();
pageTracker._trackPageview();</script>
</head>
<body class="topBarEnabled">
<div id="topbar" class="navbar navbar-fixed-top ">
<div class="navbar-inner">
<div class="container"><div class="nav-collapse">
<ul class="nav">
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">Introduction <b class="caret"></b></a>
<ul class="dropdown-menu">
<li> <a href="index.html" title="About">About</a>
</li>
<li> <a href="download.html" title="Downloads">Downloads</a>
</li>
<li> <a href="versions.html" title="Versions">Versions</a>
</li>
<li> <a href="mail-lists.html" title="Mailing Lists">Mailing Lists</a>
</li>
<li> <a href="security.html" title="Security">Security</a>
</li>
<li class="dropdown-submenu">
<a href="" title="Documentation">Documentation</a>
<ul class="dropdown-menu">
<li> <a href="docs/2.1.1/" title="Release 2.1.1">Release 2.1.1</a>
</li>
<li> <a href="docs/1.3.9/" title="Preview 1.3.9">Preview 1.3.9</a>
</li>
<li> <a href="docs/2.2.0-SNAPSHOT/" title="Dev 2.2.0-SNAPSHOT">Dev 2.2.0-SNAPSHOT</a>
</li>
</ul>
</li>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">Development <b class="caret"></b></a>
<ul class="dropdown-menu">
<li> <a href="developers/building.html" title="Build Apache Archiva">Build Apache Archiva</a>
</li>
<li> <a href="get-involved.html" title="Get involved">Get involved</a>
</li>
<li> <a href="developers/how-we-do-things.html" title="How we do things">How we do things</a>
</li>
<li> <a href="redback" title="Redback">Redback</a>
</li>
<li> <a href="redback/components" title="Redback Components">Redback Components</a>
</li>
<li class="dropdown-submenu">
<a href="jsui/index.html" title="Javascript application Architecture">Javascript application Architecture</a>
<ul class="dropdown-menu">
<li> <a href="jsui/rest.html" title="Rest service">Rest service</a>
</li>
<li> <a href="jsui/template-loading.html" title="JS Template loading">JS Template loading</a>
</li>
<li> <a href="jsui/i18n.html" title="i18n">i18n</a>
</li>
<li> <a href="jsui/knockout-binding.html" title="Knockout Binding">Knockout Binding</a>
</li>
<li> <a href="jsui/generics-js.html" title="Generic Javascripts">Generic Javascripts</a>
</li>
</ul>
</li>
<li> <a href="developers/releasing.html" title="Releasing">Releasing</a>
</li>
<li> <a href="developers/publishing-site.html" title="Site Publish">Site Publish</a>
</li>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">ASF <b class="caret"></b></a>
<ul class="dropdown-menu">
<li> <a href="http://www.apache.org/foundation/how-it-works.html" title="How Apache Works">How Apache Works</a>
</li>
<li> <a href="http://www.apache.org/foundation/" title="Foundation">Foundation</a>
</li>
<li> <a href="http://www.apache.org/foundation/sponsorship.html" title="Sponsoring Apache">Sponsoring Apache</a>
</li>
<li> <a href="http://www.apache.org/foundation/thanks.html" title="Thanks">Thanks</a>
</li>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">Project Documentation <b class="caret"></b></a>
<ul class="dropdown-menu">
<li class="dropdown-submenu">
<a href="project-info.html" title="Project Information">Project Information</a>
<ul class="dropdown-menu">
<li> <a href="integration.html" title="Continuous Integration">Continuous Integration</a>
</li>
<li> <a href="mail-lists.html" title="Mailing Lists">Mailing Lists</a>
</li>
<li> <a href="issue-tracking.html" title="Issue Tracking">Issue Tracking</a>
</li>
<li> <a href="license.html" title="Project License">Project License</a>
</li>
<li> <a href="team-list.html" title="Project Team">Project Team</a>
</li>
<li> <a href="source-repository.html" title="Source Repository">Source Repository</a>
</li>
</ul>
</li>
</ul>
</li>
</ul>
<form id="search-form" action="http://www.google.com/search" method="get" class="navbar-search pull-right" >
<input value="http://archiva.apache.org/" name="sitesearch" type="hidden"/>
<input class="search-query" name="q" id="query" type="text" />
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=search-form"></script>
</div>
</div>
</div>
</div>
<div class="container">
<div id="banner">
<div class="pull-left">
<a href="index.html" id="bannerLeft">
<img src="images/archiva.png" alt="Apache Archiva"/>
</a>
</div>
<div class="pull-right"> <a href="http://www.apache.org/" id="bannerRight">
<img src="http://www.apache.org/images/asf_logo_wide.png" alt="Apache Software Foundation"/>
</a>
</div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li class="">
<a href="http://www.apache.org/" class="externalLink" title="Apache">
Apache</a>
<span class="divider">/</span>
</li>
<li class="">
<a href="./" title="Archiva">
Archiva</a>
<span class="divider">/</span>
</li>
<li class="active ">Security Vulnerabilities</li>
<li id="publishDate" class="pull-right">Last Published: 26 Feb 2015</li>
</ul>
</div>
<div id="bodyColumn" >
<!-- Licensed to the Apache Software Foundation (ASF) under one --><!-- or more contributor license agreements. See the NOTICE file --><!-- distributed with this work for additional information --><!-- regarding copyright ownership. The ASF licenses this file --><!-- to you under the Apache License, Version 2.0 (the --><!-- "License"); you may not use this file except in compliance --><!-- with the License. You may obtain a copy of the License at --><!-- --><!-- http://www.apache.org/licenses/LICENSE-2.0 --><!-- --><!-- Unless required by applicable law or agreed to in writing, --><!-- software distributed under the License is distributed on an --><!-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY --><!-- KIND, either express or implied. See the License for the --><!-- specific language governing permissions and limitations --><!-- under the License. --><!-- NOTE: For help with the syntax of this file, see: --><!-- http://maven.apache.org/guides/mini/guide-apt-format.html --><div class="section">
<h2>Security Vulnerabilities<a name="Security_Vulnerabilities"></a></h2>
<p>Please note that binary patches are not produced for individual vulnerabilities. To obtain the binary fix for a particular vulnerability you should upgrade to an Apache Archiva version where that vulnerability has been fixed.</p>
<p>For more information about reporting vulnerabilities, see the <a class="externalLink" href="http://www.apache.org/security/"> Apache Security Team</a> page.</p>
<div class="section">
<h3>CVE-2013-2251: Apache Archiva Remote Command Execution<a name="CVE-2013-2251:_Apache_Archiva_Remote_Command_Execution"></a></h3>
<p>Apache Archiva is affected by a vulnerability in the version of the Struts library being used, which allows a malicious user to run code on the server remotely. More details about the vulnerability can be found at <a class="externalLink" href="http://struts.apache.org/release/2.3.x/docs/s2-016.html">http://struts.apache.org/release/2.3.x/docs/s2-016.html</a>.</p>
<p>Versions Affected:</p>
<ul>
<li>Archiva 1.3 to Archiva 1.3.6</li>
<li>The unsupported versions Archiva 1.2 to 1.2.2 are also affected.</li></ul>
<p>All users are recommended to upgrade to <a href="./download.cgi"> Archiva 2.0.1 or Archiva 1.3.8</a>, which are not affected by this issue.</p>
<p>Archiva 2.0.0 and later are not affected by this issue.</p></div>
<div class="section">
<h3>CVE-2013-2187: Apache Archiva Cross-Site Scripting vulnerability<a name="CVE-2013-2187:_Apache_Archiva_Cross-Site_Scripting_vulnerability"></a></h3>
<p>A request that included a specially crafted request parameter could be used to inject arbitrary HTML or JavaScript into the Archiva home page.</p>
<p>Versions Affected:</p>
<ul>
<li>Archiva 1.3 to Archiva 1.3.6</li>
<li>The unsupported versions Archiva 1.2 to 1.2.2 are also affected.</li></ul>
<p>All users are recommended to upgrade to <a href="./download.cgi"> Archiva 2.0.1 or Archiva 1.3.8</a>, which are not affected by this issue.</p>
<p>Archiva 2.0.0 and later are not affected by this issue.</p></div>
<div class="section">
<h3>CVE-2010-1870: Struts2 remote commands execution<a name="CVE-2010-1870:_Struts2_remote_commands_execution"></a></h3>
<p>Apache Archiva is affected by a vulnerability in the version of the Struts library being used, which allows a malicious user to run code on the server remotely. More details about the vulnerability can be found at <a class="externalLink" href="http://struts.apache.org/2.2.1/docs/s2-005.html">http://struts.apache.org/2.2.1/docs/s2-005.html</a>.</p>
<p>Versions Affected:</p>
<ul>
<li>Archiva 1.3 to Archiva 1.3.5</li>
<li>The unsupported versions Archiva 1.2 to 1.2.2 are also affected.</li></ul>
<p>All users are recommended to upgrade to <a href="./download.cgi"> Archiva 1.3.6</a>, which configures Struts in such a way that it is not affected by this issue.</p>
<p>Archiva 1.4-M3 and later are not affected by this issue.</p></div>
<div class="section">
<h3>CVE-2011-1077: Multiple XSS issues<a name="CVE-2011-1077:_Multiple_XSS_issues"></a></h3>
<p>Apache Archiva is vulnerable to multiple XSS issues, both stored (persistent) and reflected (non-persistent). JavaScript, which might contain malicious code, can be supplied in a request parameter or stored as a value in a submitted form, and is then executed when the affected page is rendered.</p>
<p>Versions Affected:</p>
<ul>
<li>Archiva 1.3 to 1.3.4</li>
<li>The unsupported versions Archiva 1.0 to 1.2.2 are also affected.</li></ul></div>
<div class="section">
<h3>CVE-2011-1026: Multiple CSRF issues<a name="CVE-2011-1026:_Multiple_CSRF_issues"></a></h3>
<p>An attacker can build a simple HTML page containing a hidden image tag (e.g. <tt>&lt;img src=vulnurl width=0 height=0 /&gt;</tt>) and entice the administrator to access the page.</p>
<p>Versions Affected:</p>
<ul>
<li>Archiva 1.3 to 1.3.4</li>
<li>The unsupported versions Archiva 1.0 to 1.2.2 are also affected.</li></ul></div>
<div class="section">
<h3>CVE-2011-0533: Apache Archiva cross-site scripting vulnerability<a name="CVE-2011-0533:_Apache_Archiva_cross-site_scripting_vulnerability"></a></h3>
<p>A request that included a specially crafted request parameter could be used to inject arbitrary HTML or JavaScript into the Archiva user management page. This fix is available in version <a href="./download.html">1.3.4</a> of Apache Archiva. All users must upgrade to this version (or higher).</p>
<p>Versions Affected:</p>
<ul>
<li>Archiva 1.3 to 1.3.3</li>
<li>The unsupported versions Archiva 1.0 to 1.2.2 are also affected.</li></ul></div>
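<p>As an added illustration (not Archiva code and not the project's actual fix), the Java class below shows the generic defence against the reflected and stored XSS described under CVE-2013-2187, CVE-2011-1077 and CVE-2011-0533: encoding each request parameter for the HTML context it is written into, at output time. The page fragment, the <tt>username</tt> parameter and the sample values are constructed for the example.</p>

```java
// Added example, not part of Apache Archiva: context-aware HTML output encoding,
// the generic defence against the reflected and stored XSS described in
// CVE-2013-2187, CVE-2011-1077 and CVE-2011-0533.
import java.util.LinkedHashMap;
import java.util.Map;

public final class XssOutputEncoding {

    /** Encode a value for an HTML text node so it cannot open a tag or an entity. */
    public static String escapeHtmlText(String s) {
        if (s == null) return "";
        StringBuilder sb = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  sb.append("&amp;");  break;
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    /**
     * Encode a value placed inside a double-quoted attribute. Everything outside
     * [A-Za-z0-9] becomes a numeric entity (by code point, so supplementary characters
     * are not split), so the value can neither close the quote nor add an event handler.
     */
    public static String escapeHtmlAttribute(String s) {
        if (s == null) return "";
        StringBuilder sb = new StringBuilder(s.length() + 16);
        int i = 0;
        while (i < s.length()) {
            int cp = s.codePointAt(i);
            boolean safe = (cp >= 'A' && cp <= 'Z') || (cp >= 'a' && cp <= 'z') || (cp >= '0' && cp <= '9');
            if (safe) sb.appendCodePoint(cp); else sb.append("&#").append(cp).append(';');
            i += Character.charCount(cp);
        }
        return sb.toString();
    }

    /** Vulnerable pattern: the request parameter is concatenated straight into the page. */
    public static String renderUnsafe(String username) {
        return "<h2>Edit user " + username + "</h2>"
             + "<input name=\"username\" value=\"" + username + "\" />";
    }

    /** Fixed pattern: each interpolation is encoded for the context it lands in. */
    public static String renderSafe(String username) {
        return "<h2>Edit user " + escapeHtmlText(username) + "</h2>"
             + "<input name=\"username\" value=\"" + escapeHtmlAttribute(username) + "\" />";
    }

    public static void main(String[] args) {
        // Constructed sample values for a hypothetical "username" request parameter.
        Map<String, String> samples = new LinkedHashMap<>();
        samples.put("benign", "alice");
        samples.put("text context", "<script>alert(1)</script>");
        samples.put("attribute context", "\" onfocus=\"alert(1)\" autofocus=\"");
        for (Map.Entry<String, String> e : samples.entrySet()) {
            System.out.println("== " + e.getKey());
            System.out.println("unsafe: " + renderUnsafe(e.getValue()));
            System.out.println("safe:   " + renderSafe(e.getValue()));
        }
    }
}
```

<p>The same rule covers the stored variant of CVE-2011-1077: a value read back from the database is encoded at output time exactly as a freshly submitted parameter is, because the decision depends on the context the value is written into, not on where it came from. Compile and run with <tt>javac XssOutputEncoding.java &amp;&amp; java XssOutputEncoding</tt> to compare the unsafe and encoded renderings side by side.</p>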
<div class="section">
<h3>CVE-2010-3449: Apache Archiva CSRF Vulnerability<a name="CVE-2010-3449:_Apache_Archiva_CSRF_Vulnerability"></a></h3>
<p>Apache Archiva doesn't check which form sends credentials. An attacker can create a specially crafted page and force Archiva administrators to view it and change their credentials. To fix this, a referrer check was added to the security interceptor for all secured actions. A prompt for the administrator's password when changing a user account was also put in place. This fix is available in version <a href="./download.html">1.3.2</a> of Apache Archiva. All users must upgrade to this version (or higher).</p>
<p>Versions Affected:</p>
<ul>
<li>Archiva 1.3 to 1.3.1</li>
<li>Archiva 1.2 to 1.2.2 (end of life)</li>
<li>Archiva 1.1 to 1.1.4 (end of life)</li>
<li>Archiva 1.0 to 1.0.3 (end of life)</li></ul></div></div>
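<p>As an added example (not Archiva code), the Java class below implements the kind of check described for CVE-2010-3449, a referrer check in front of every secured action, and shows why such a check also stops the hidden image request described under CVE-2011-1026. It goes slightly beyond the original fix by preferring the <tt>Origin</tt> header, rejecting non-POST requests to state-changing actions and rejecting requests that carry neither header. The trusted origin <tt>https://archiva.example.org</tt>, the <tt>evil.example.net</tt> page and the action path are constructed assumptions.</p>

```java
// Added example, not part of Apache Archiva: an Origin/Referer validation in the
// spirit of the referrer check that the CVE-2010-3449 fix added to the security
// interceptor for all secured actions.
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import java.util.Set;

public final class CsrfOriginCheck {

    public enum Decision { ALLOW, REJECT_METHOD, REJECT_MISSING_SOURCE, REJECT_FOREIGN_SOURCE }

    // Origins this deployment is served from (assumed value, see main()).
    private final Set<String> trustedOrigins;

    public CsrfOriginCheck(Set<String> trustedOrigins) {
        this.trustedOrigins = trustedOrigins;
    }

    /** Reduce a URL or Origin header value to scheme://host[:port] (lower-cased), or null if unparsable. */
    static String originOf(String url) {
        if (url == null || url.trim().isEmpty()) return null;
        try {
            URI u = new URI(url.trim());
            if (u.getScheme() == null || u.getHost() == null) return null;
            String scheme = u.getScheme().toLowerCase(Locale.ROOT);
            String host = u.getHost().toLowerCase(Locale.ROOT);
            int port = u.getPort();
            boolean defaultPort = port == -1
                    || ("https".equals(scheme) && port == 443)
                    || ("http".equals(scheme) && port == 80);
            return scheme + "://" + host + (defaultPort ? "" : ":" + port);
        } catch (URISyntaxException e) {
            return null;
        }
    }

    /**
     * Decide whether a request to a secured (state-changing) action may proceed.
     * Origin is checked first because browsers send it on cross-site POSTs; Referer is the
     * fallback the original fix relied on. A request carrying neither header is rejected rather
     * than trusted, because a hostile page can suppress both (for example via a referrer policy).
     */
    public Decision check(String method, String originHeader, String refererHeader) {
        // State changes must not ride on GET: that is exactly what a hidden <img src=... /> sends.
        if (!"POST".equalsIgnoreCase(method)) return Decision.REJECT_METHOD;
        boolean anyHeader = originHeader != null || refererHeader != null;
        // An Origin of the literal string "null" (opaque origin) parses to null and is rejected below.
        String source = originHeader != null ? originOf(originHeader) : originOf(refererHeader);
        if (source == null) return anyHeader ? Decision.REJECT_FOREIGN_SOURCE : Decision.REJECT_MISSING_SOURCE;
        return trustedOrigins.contains(source) ? Decision.ALLOW : Decision.REJECT_FOREIGN_SOURCE;
    }

    public static void main(String[] args) {
        // Assumed deployment origin and hypothetical secured action path; every request below is constructed.
        CsrfOriginCheck guard = new CsrfOriginCheck(Set.of("https://archiva.example.org"));
        String action = "https://archiva.example.org/secured/edit-user.action";
        // 1. Hidden-image style: a GET triggered from a foreign page (CVE-2011-1026 scenario).
        System.out.println(guard.check("GET", null, "https://evil.example.net/page.html"));
        // 2. Auto-submitted cross-site form: POST carrying a foreign Origin.
        System.out.println(guard.check("POST", "https://evil.example.net", null));
        // 3. POST with both headers stripped.
        System.out.println(guard.check("POST", null, null));
        // 4. Legitimate form submission: Referer pointing at our own action page.
        System.out.println(guard.check("POST", null, action));
        // 5. Origin on a non-default port, which is a different origin and must not match.
        System.out.println(guard.check("POST", "https://archiva.example.org:8443", null));
    }
}
```

<p>Two caveats a practitioner would weigh. The Referer header can be withheld by the client, which is why this check rejects rather than allows requests without a source and why the second measure the page mentions, re-prompting for the administrator's password before a user account is changed, adds defence in depth that does not depend on any header. Where the application can issue per-session tokens, a synchronizer token carried in the form is the usual stronger control and can sit alongside the origin check rather than replace it.</p>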
</div>
</div>
<hr/>
<footer>
<div class="container">
<div class="row">
<p >Copyright &copy; 2006&#x2013;2015
<a href="http://archiva.apache.org/">The Apache Software Foundation</a>.
All rights reserved.
</p>
</div>
<div class="row pull-left">Apache Archiva, Archiva, Apache, the Apache feather logo, and the Apache Archiva project logos are trademarks of The Apache Software Foundation.</div>
<div class="row pull-left">
<a href="http://archiva.apache.org/privacy-policy.html">Privacy Policy</a>
</div>
<p id="poweredBy" class="pull-right">
<a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
<img class="builtBy" alt="Built by Maven" src="./images/logos/maven-feather.png" />
</a>
</p>
<div id="ohloh" class="pull-right">
<script type="text/javascript" src="http://www.ohloh.net/p/6670/widgets/project_basic_stats.js"></script>
</div>
</div>
</footer>
</body>
</html>