9 matches found
openSUSE Security Update : otrs (openSUSE-SU-2010:0366-1)
OTRS was prone to multiple SQL-injection vulnerabilities which could allow remote authenticated attackers to execute arbitrary SQL code via unspecified vectors.CVE-2010-0438. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
openSUSE Security Update : otrs (openSUSE-SU-2010:0366-1)
OTRS was prone to multiple SQL-injection vulnerabilities which could allow remote authenticated attackers to execute arbitrary SQL code via unspecified vectors.CVE-2010-0438. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
openSUSE Security Update : otrs (openSUSE-SU-2010:0366-1)
OTRS was prone to multiple SQL-injection vulnerabilities which could allow remote authenticated attackers to execute arbitrary SQL code via unspecified vectors.CVE-2010-0438. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
Debian DSA-1993-1 : otrs2 - sql injection
It was discovered that otrs2, the Open Ticket Request System, does not properly sanitise input data that is used on SQL queries, which might be used to inject arbitrary SQL to, for example, escalate privileges on a system that uses otrs2. The oldstable distribution etch is not affected...
OTRS Multiple SQLi Vulnerabilities (OSA-2010-01)
Open Ticket Request System OTRS is prone to multiple SQL injection SQLi vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
[SECURITY] [DSA 1993-1] New otrs2 packages fix SQL injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1993-1 [email protected] http://www.debian.org/security/ Raphael Geissert February 10, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1993-1] New otrs2 packages fix SQL injection
------------------------------------------------------------------------ Debian Security Advisory DSA-1993-1 [email protected] http://www.debian.org/security/ Raphael Geissert February 10, 2010 http://www.debian.org/security/faq -...
FreeBSD Ports: otrs
The remote host is missing an update to the system as announced in the referenced advisory. VID 6b575419-14cf-11df-a628-001517351c22 OpenVAS Vulnerability Test $ Description: Auto generated from VID 6b575419-14cf-11df-a628-001517351c22 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
CVE-2010-0438
CVE-2010-0438 concerns multiple SQL injections in OTRS by failing to sanitise input in Kernel/System/Ticket.pm. Affected are OTRS Core versions: 2.1.x before 2.1.9, 2.2.x before 2.2.9, 2.3.x before 2.3.5, and 2.4.x before 2.4.7. The vulnerability allows remote authenticated users to execute arbit...