4 matches found
openSUSE Security Update : otrs (openSUSE-SU-2010:1061-1)
OTRS version 2.4.9 fixes among other things two cross-site-scripting and a denial of service vulnerability CVE-2010-2080, CVE-2010-3476, CVE-2010-4071. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...
CVE-2010-3476
Open Ticket Request System OTRS 2.3.x before 2.3.6 and 2.4.x before 2.4.8 does not properly handle the matching of Perl regular expressions against HTML e-mail messages, which allows remote attackers to cause a denial of service CPU consumption via a large message, a different vulnerability than...
CVE-2010-3476
Open Ticket Request System OTRS 2.3.x before 2.3.6 and 2.4.x before 2.4.8 does not properly handle the matching of Perl regular expressions against HTML e-mail messages, which allows remote attackers to cause a denial of service CPU consumption via a large message, a different vulnerability than...
CVE-2010-3476
OTRS contains a DoS vulnerability (CVE-2010-3476) where Perl regex handling of HTML email messages can cause CPU exhaustion. Affected versions are OTRS 2.3.x before 2.3.6 and 2.4.x before 2.4.8; exploit requires processing a very large HTML message. This is reported as a separate issue from CVE-2...