7 matches found
[SECURITY] [DSA 2867-1] otrs2 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2867-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 23, 2014 http://www.debian.org/security/faq -...
Debian DSA-2867-1 : otrs2 - several vulnerabilities
Several vulnerabilities were discovered in otrs2, the Open Ticket Request System. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2014-1694 Norihiro Tanaka reported missing challenge token checks. An attacker that managed to take over the session of a...
[SECURITY] [DSA 2867-1] otrs2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2867-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 23, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2867-1] otrs2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2867-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 23, 2014 http://www.debian.org/security/faq -...
CVE-2014-1694
Multiple cross-site request forgery CSRF vulnerabilities in 1 CustomerPreferences.pm, 2 CustomerTicketMessage.pm, 3 CustomerTicketProcess.pm, and 4 CustomerTicketZoom.pm in Kernel/Modules/ in Open Ticket Request System OTRS 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allow...
CVE-2014-1694
CVE-2014-1694 affects Open Ticket Request System (OTRS). The CSRF flaw allows an attacker with a valid session to hijack authentication and create tickets or send follow-ups for other users. Vulnerable versions: OTRS 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4. Public advisor...
CVE-2014-1694
Multiple cross-site request forgery CSRF vulnerabilities in 1 CustomerPreferences.pm, 2 CustomerTicketMessage.pm, 3 CustomerTicketProcess.pm, and 4 CustomerTicketZoom.pm in Kernel/Modules/ in Open Ticket Request System OTRS 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allow...