13 matches found
openSUSE Security Update : otrs (openSUSE-2020-1475)
Otrs was updated to 5.0.42, fixing lots of bugs and security issues : https://community.otrs.com/otrs-community-edition-5s-patch-level-42/ - CVE-2020-1773 boo1168029 OSA-2020-10 : - Session / Password / Password token leak An attacker with the ability to generate session IDs or password reset...
Recommended update for otrs (moderate)
openSUSE Security Update: Recommended update for otrs Announcement ID: openSUSE-SU-2020:1509-1 Rating: moderate References: 1122560 1137614 1137615 1139406 1141430 1141431 1141432 1156431 1157001 1160663 1168029 1168030 1168031 1168032 Cross-References: CVE-2019-10067 CVE-2019-12248 CVE-2019-1249...
openSUSE: Security Advisory for Recommended (openSUSE-SU-2020:1475-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Debian DLA-2198-1 : otrs2 security update
Several vulnerabilities have been discovered in otrs2 Open source Ticket Request System CVE-2020-1770 Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. CVE-2020-1772 Its possible to craft Lost Password requests with wildcards in the Token...
[SECURITY] [DLA 2198-1] otrs2 security update
Package : otrs2 Version : 3.3.18-1+deb8u15 CVE ID : CVE-2020-1770 CVE-2020-1772 CVE-2020-1774 Several vulnerabilities have been discovered in otrs2 Open source Ticket Request System CVE-2020-1770 Support bundle generated files could contain sensitive information that might be unwanted to be...
openSUSE Security Update : otrs (openSUSE-2020-551)
Otrs was updated to 5.0.42, fixing lots of bugs and security issues : https://community.otrs.com/otrs-community-edition-5s-patch-level-42/ - CVE-2020-1773 boo1168029 OSA-2020-10 : - Session / Password / Password token leak An attacker with the ability to generate session IDs or password reset...
openSUSE: Security Advisory for Recommended (openSUSE-SU-2020:0551-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Recommended update for otrs (moderate)
openSUSE Security Update: Recommended update for otrs Announcement ID: openSUSE-SU-2020:0551-1 Rating: moderate References: 1122560 1137614 1137615 1139406 1141430 1141431 1141432 1156431 1157001 1160663 1168029 1168030 1168031 1168032 Cross-References: CVE-2019-10067 CVE-2019-12248 CVE-2019-1249...
OTRS 5.0.x < 5.0.42, 6.0.x < 6.0.27, 7.0.x < 7.0.16 Multiple Vulnerabilities
OTRS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:otrs:otrs"; if description...
CVE-2020-1772
It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Tokens, generated by users which already requested new passwords. This issue affects: OTRS Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15...
CVE-2020-1772 Information Disclosure
It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Tokens, generated by users which already requested new passwords. This issue affects: OTRS Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15...
CVE-2020-1772
CVE-2020-1772 affects OTRS/Open Source Ticket Request System. An attacker can craft Lost Password requests with wildcards in the Token value to retrieve valid tokens generated for users who requested password resets, impacting versions: OTRS Community Edition 5.0.41 and earlier, 6.0.26 and earlie...
CVE-2020-1772
It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Tokens, generated by users which already requested new passwords. This issue affects: OTRS Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15...