8 matches found
USN-6529-1: Request Tracker vulnerabilities
It was discovered that Request Tracker incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. CVE-2021-38562, CVE-2022-25802, CVE-2023-41259,...
Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Request Tracker vulnerabilities (USN-6529-1)
The remote Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6529-1 advisory. It was discovered that Request Tracker incorrectly handled certain inputs. If a user or an automated system were...
[SECURITY] [DLA 3057-1] request-tracker4 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3057-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb June 23, 2022 https://wiki.debian.org/LTS -...
Debian DLA-3057-1 : request-tracker4 - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3057 advisory. - Best Practical Request Tracker RT 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against...
CVE-2021-38562
Best Practical Request Tracker RT 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm...
UBUNTU-CVE-2021-38562
Best Practical Request Tracker RT 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm...
CVE-2021-38562
CVE-2021-38562 affects Best Practical Request Tracker (RT) prior to specific fixed releases. A timing-attack vulnerability in lib/RT/REST2/Middleware/Auth.pm can disclose sensitive information. Affected RT versions include 4.2.x before 4.2.17, 4.4.x before 4.4.5, and 5.0.x before 5.0.2. Public ad...
CVE-2021-38562
Best Practical Request Tracker RT 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm...