Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-4764HistoryMar 18, 2011 - 4:55 p.m.
CVE-2010-4764
2011-03-1816:55:01
Debian Security Bug Tracker
security-tracker.debian.org
15
otrs
encrypted e-mail
pgp
gpg
key revocation
remote attackers
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS
0.002
Percentile
59.6%
Open Ticket Request System (OTRS) before 2.4.10, and 3.x before 3.0.3, does not present warnings about incoming encrypted e-mail messages that were based on revoked PGP or GPG keys, which makes it easier for remote attackers to spoof e-mail communication by leveraging a key that has a revocation signature.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | otrs2 | < 2.4.10+dfsg1-1 | otrs2_2.4.10+dfsg1-1_all.deb |
Related
openvas
openvas
OTRS < 2.4.10, 3.x < 3.0.3 Key Revocation Spoofing Weakness Vulnerability
2013-09-22 00:00:00
cvelist
cvelist
CVE-2010-4764
2011-03-18 16:00:00
nvd
nvd
CVE-2010-4764
2011-03-18 16:55:01
ubuntucve
ubuntucve
CVE-2010-4764
2011-03-18 00:00:00
prion
prion
Design/Logic Flaw
2011-03-18 16:55:00
cve
cve
CVE-2010-4764
2011-03-18 16:55:01
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS
0.002
Percentile
59.6%
Related for DEBIANCVE:CVE-2010-4764