Lucene search
K

7 matches found

securityvulns
securityvulns
added 2014/05/05 12:0 a.m.59 views

[SECURITY] [DSA 2867-1] otrs2 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2867-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 23, 2014 http://www.debian.org/security/faq -...

7.5CVSS0.8AI score0.01827EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/02/24 12:0 a.m.24 views

Debian DSA-2867-1 : otrs2 - several vulnerabilities

Several vulnerabilities were discovered in otrs2, the Open Ticket Request System. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2014-1694 Norihiro Tanaka reported missing challenge token checks. An attacker that managed to take over the session of a...

7.5CVSS5.8AI score0.01827EPSS
Exploits1References7
Debian
Debian
added 2014/02/23 8:42 p.m.19 views

[SECURITY] [DSA 2867-1] otrs2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2867-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 23, 2014 http://www.debian.org/security/faq -...

7.5CVSS0.9AI score0.01827EPSS
Exploits1
Debian
Debian
added 2014/02/23 8:42 p.m.27 views

[SECURITY] [DSA 2867-1] otrs2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2867-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 23, 2014 http://www.debian.org/security/faq -...

7.5CVSS7.1AI score0.01827EPSS
Exploits1
OSV
OSV
added 2014/02/04 9:55 p.m.4 views

CVE-2014-1694

Multiple cross-site request forgery CSRF vulnerabilities in 1 CustomerPreferences.pm, 2 CustomerTicketMessage.pm, 3 CustomerTicketProcess.pm, and 4 CustomerTicketZoom.pm in Kernel/Modules/ in Open Ticket Request System OTRS 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allow...

7.2AI score
Exploits0References16
CVE
CVE
added 2014/02/04 4:0 p.m.67 views

CVE-2014-1694

CVE-2014-1694 affects Open Ticket Request System (OTRS). The CSRF flaw allows an attacker with a valid session to hijack authentication and create tickets or send follow-ups for other users. Vulnerable versions: OTRS 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4. Public advisor...

6.8CVSS7.3AI score0.01479EPSS
Exploits1References12Affected Software1
Debian CVE
Debian CVE
added 2014/02/04 4:0 p.m.20 views

CVE-2014-1694

Multiple cross-site request forgery CSRF vulnerabilities in 1 CustomerPreferences.pm, 2 CustomerTicketMessage.pm, 3 CustomerTicketProcess.pm, and 4 CustomerTicketZoom.pm in Kernel/Modules/ in Open Ticket Request System OTRS 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allow...

6.8CVSS7AI score0.01479EPSS
Exploits1
Rows per page
Query Builder