Lucene search
PRIOn knowledge basePRION:CVE-2017-16664HistoryNov 21, 2017 - 2:29 p.m.
Code injection
2017-11-2114:29:00
PRIOn knowledge base
www.prio-n.com
3
Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent interface, an authenticated remote attacker can execute shell commands as the webserver user via URL manipulation.
Related
openvas
openvas
Debian: Security Advisory (DSA-4047-1)
2017-11-22 00:00:00
OTRS RCE Vulnerability
2017-11-24 00:00:00
openSUSE: Security Advisory for otrs (openSUSE-SU-2017:3054-1)
2017-11-24 00:00:00
cve
cve
CVE-2017-16664
2017-11-21 14:29:00
osv
osv
otrs2 - security update
2017-11-23 00:00:00
CVE-2017-16664
2017-11-21 14:29:00
otrs2 - security update
2017-12-19 00:00:00
cvelist
cvelist
CVE-2017-16664
2017-11-21 14:00:00
nvd
nvd
CVE-2017-16664
2017-11-21 14:29:00
debiancve
debiancve
CVE-2017-16664
2017-11-21 14:29:00
ubuntucve
ubuntucve
CVE-2017-16664
2017-11-21 00:00:00
nessus
nessus
OTRS Authenticated Remote Code Execution (OSA-2017-07)
2017-12-11 00:00:00
openSUSE Security Update : otrs (openSUSE-2017-1291)
2017-11-27 00:00:00
Debian DSA-4047-1 : otrs2 - security update
2017-11-27 00:00:00
debian
debian
[SECURITY] [DSA 4047-1] otrs2 security update
2017-11-23 22:09:39
[SECURITY] [DLA 1212-1] otrs2 security update
2017-12-19 20:42:01
suse
suse
Security update for otrs (important)
2017-11-23 18:09:38
freebsd
freebsd
OTRS -- Multiple vulnerabilities
2017-11-21 00:00:00