OTRS 6.0.x < 6.0.25, 7.0.x < 7.0.14 Message Vulnerability

OTRS is prone to a vulnerability where it is possible to send drafted messages as wrong agent. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2020-1767

Agent A is able to save a draft i.e. for customer reply. Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the customer it will not be visible that the message was sent by another agent. This issue affects: OTRS Community Edition 6.0.x version...

CVE-2020-1767

CVE-2020-1767 affects OTRS Community Edition 6.0.x (up to 6.0.24) and OTRS 7.0.x (up to 7.0.13). Description: Agent A can save a draft; Agent B can open it, modify the text, and send it as Agent A, so customers see a message sent by the original agent. Debian/Nessus advisories indicate patches: u...

HP-UX Security Patch : PHSS_31006

X OV ITO7.1X Msg/Act Linux Agent A.07.25 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26719; scriptversion"1.9"; scriptsetattributeattribute:"pluginmodificationdate",...

HP-UX Security Patch : PHSS_32099

X OV ITO7.1X Msg/Act Linux Agent A.07.28 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26736; scriptversion"1.9"; scriptsetattributeattribute:"pluginmodificationdate",...