4 matches found
CVE-2017-9324
In Open Ticket Request System OTRS 3.3.x through 3.3.16, 4.x through 4.0.23, and 5.x through 5.0.19, an attacker with agent permission is capable of opening a specific URL in a browser to gain administrative privileges / full access. Afterward, all system settings can be read and changed. The URL...
CVE-2017-9324
The CVE-2017-9324 issue affects OTRS versions 3.3.x (up to 3.3.16), 4.x (up to 4.0.23), and 5.x (up to 5.0.19). A user with agent permissions can open a crafted URL (index.pl?Action=Installer with ;Subaction=Intro/Start/System) to gain administrative privileges, then read and modify all system se...
[SECURITY] [DSA 3876-1] otrs2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3876-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 09, 2017 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-3876-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...