12 matches found
OPENSUSE-SU-2024:10073-1 otrs-3.3.16-37.1 on GA media
These are all security issues fixed in the otrs-3.3.16-37.1 package on the GA media of openSUSE Tumbleweed...
Mageia: Security Advisory (MGASA-2015-0031)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0094)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the otrs package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Updated otrs package fixes CVE-2014-9324
Updated otrs package fixes security vulnerability: An attacker with valid OTRS credentials could access and manipulate ticket data of other users via the GenericInterface, if a ticket webservice is configured and not additionally secured CVE-2014-9324...
Mandriva Linux Security Advisory : otrs (MDVSA-2014:111)
Updated otrs package fixes security vulnerabilities : A logged in attacker could insert special content in dynamic fields, leading to JavaScript code being executed in OTRS CVE-2014-2553. An attacker could embed OTRS in a hidden iframe tag of another page, tricking the user into clicking links in...
MGASA-2014-0114 Updated otrs package fixes security vulnerability
An attacker could send a specially prepared HTML email to OTRS. If he can then trick an agent into following a special link to display this email, JavaScript code would be executed CVE-2014-1695...
Updated otrs packages fix security vulnerabilities and a missing dependency
Updated otrs package fixes security vulnerabilities: In OTRS before 3.2.14, an attacker that managed to take over the session of a logged in customer could create tickets and/or send follow-ups to existing tickets due to missing challenge token checks CVE-2014-1694. In OTRS before 3.2.14, an...
MGASA-2013-0247 Updated otrs package fixes security vulnerability
It was discovered that otrs2, the Open Ticket Request System, does not properly sanitise user-supplied data that is used on SQL queries. An attacker with a valid agent login could exploit this issue to craft SQL queries by injecting arbitrary SQL code through manipulated URLs CVE-2013-4717...
[ MDVSA-2013:188 ] otrs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:188 http://www.mandriva.com/en/support/security/ Package : otrs Date : July 2, 2013 Affected: Business Server 1.0 Problem Description: Updated otrs package fixes security vulnerabilities: An attacker with a...
MGASA-2013-0196 Updated otrs package fixes security vulnerabilities
An attacker with a valid agent login could manipulate URLs in the ticket watch mechanism to see contents of tickets they are not permitted to see CVE-2013-3551, CVE-2013-4088...
[SECURITY] [DSA 973-1] New OTRS packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 973-1 [email protected] http://www.debian.org/security/ Martin Schulze February 15th, 2006 http://www.debian.org/security/faq -...