7 matches found
Debian Security Advisory DSA 1299-1 (ipsec-tools)
The remote host is missing an update to ipsec-tools announced via advisory DSA 1299-1. OpenVAS Vulnerability Test $Id: deb12991.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1299-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
openSUSE 10 Security Update : otrs (otrs-3544)
This update fixes a cross site scripting XSS vulnerability in OTRS CVE-2007-2524. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update otrs-3544. The text description of this plugin is C SUSE LLC...
Debian DSA-1298-1 : otrs2 - missing input sanitising
It was discovered that the Open Ticket Request System performs insufficient input sanitising for the Subaction parameter, which allows the injection of arbitrary web script code. The oldstable distribution sarge doesn't include otrs2. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
[SECURITY] [DSA 1298-1] New otrs2 packages fix cross-site scripting
-------------------------------------------------------------------------- Debian Security Advisory DSA 1298-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 28th, 2007 http://www.debian.org/security/faq -...
[Full-disclosure] [SECURITY] [DSA 1298-1] New otrs2 packages fix cross-site scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1298-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 28th, 2007 http://www.debian.org/security/faq -...
CVE-2007-2524
Cross-site scripting XSS vulnerability in index.pl in Open Ticket Request System OTRS 2.0.x allows remote attackers to inject arbitrary web script or HTML via the Subaction parameter in an AgentTicketMailbox Action. NOTE: DEBIAN:DSA-1299 originally used this identifier for an ipsec-tools issue, b...
CVE-2007-2524
CVE-2007-2524 describes a cross-site scripting (XSS) vulnerability in the Open Ticket Request System (OTRS) 2.0.x. The flaw occurs in the index.pl script via the Subaction parameter in an AgentTicketMailbox Action, enabling an attacker to inject arbitrary web script or HTML. The connected OSS/NSS...