6 matches found
[SECURITY] [DSA 2867-1] otrs2 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2867-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 23, 2014 http://www.debian.org/security/faq -...
Debian DSA-2867-1 : otrs2 - several vulnerabilities
Several vulnerabilities were discovered in otrs2, the Open Ticket Request System. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2014-1694 Norihiro Tanaka reported missing challenge token checks. An attacker that managed to take over the session of a...
[SECURITY] [DSA 2867-1] otrs2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2867-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 23, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2867-1] otrs2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2867-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 23, 2014 http://www.debian.org/security/faq -...
CVE-2014-1471
SQL injection vulnerability in the StateGetStatesByType function in Kernel/System/State.pm in Open Ticket Request System OTRS 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allows remote attackers to execute arbitrary SQL commands via vectors related to a ticket search URL...
CVE-2014-1471
CVE-2014-1471 affects Open Ticket Request System (OTRS): SQL injection in Kernel/System/State.pm via the ticket search URL, enabling an attacker with a valid customer or agent login to inject arbitrary SQL. Affected lines include OTRS 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3...