Debian: Security Advisory (DSA-2220-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD Ports: rt36

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2011-1685

Best Practical Solutions RT 3.8.0 through 3.8.9 and 4.0.0rc through 4.0.0rc7, when the CustomFieldValuesSources aka external custom field option is enabled, allows remote authenticated users to execute arbitrary code via unspecified vectors, as demonstrated by a cross-site request forgery CSRF...

CVE-2011-1685

Best Practical Solutions RT 3.8.0 through 3.8.9 and 4.0.0rc through 4.0.0rc7, when the CustomFieldValuesSources aka external custom field option is enabled, allows remote authenticated users to execute arbitrary code via unspecified vectors, as demonstrated by a cross-site request forgery CSRF...

[BSA-033] Security Update for request-tracker3.8

Jan Wagner uploaded new packages for request-tracker3.8 which fixed the following security problems: CVE-2011-1685 If the external custom field feature is enabled, Request Tracker allows authenticated users to execute arbitrary code with the permissions of the web server, possible triggered by a...

Security fix for the ALT Linux 6 package request-tracker version 3.8.10-alt1

April 19, 2011 Vladimir V Kamarzin 3.8.10-alt1 - 3.8.10. Security fixes: + CVE-2011-1689 + CVE-2011-1688 + CVE-2011-1687 + CVE-2011-1686 + CVE-2011-1685 - Enhance findreq skiplist...

DSA-2220-1 request-tracker3.8 - several

Bulletin has no description...