6 matches found
Debian DSA-2867-1 : otrs2 - several vulnerabilities
Several vulnerabilities were discovered in otrs2, the Open Ticket Request System. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2014-1694 Norihiro Tanaka reported missing challenge token checks. An attacker that managed to take over the session of a...
[SECURITY] [DSA 2867-1] otrs2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2867-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 23, 2014 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2867-1 (otrs2 - several vulnerabilities)
Several vulnerabilities were discovered in otrs2, the Open Ticket Request System. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-1694 Norihiro Tanaka reported missing challenge token checks. An attacker that managed to take over the session of a logge...
Debian: Security Advisory (DSA-2867-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : otrs -- CSRF issue in customer web interface (080c5370-886a-11e3-9533-60a44c524f57)
The OTRS Project reports : An attacker that managed to take over the session of a logged in customer could create tickets and/or send follow-ups to existing tickets due to missing challenge token checks. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch has...
FreeBSD : otrs -- multiple vulnerabilities (c7b5d72b-886a-11e3-9533-60a44c524f57)
The OTRS Project reports : SQL injection issue An attacker that managed to take over the session of a logged in customer could create tickets and/or send follow-ups to existing tickets due to missing challenge token checks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...