openSUSE Security Update : otrs (openSUSE-SU-2013:1338-1)

The ticket system OTRS was updated to 3.1.18 to fix various bugs and security issues. Update to 3.1.18 : - OSA-2013-05, CVE-2013-4717, CVE-2013-4718 fixed. - Fixed bug9561 - ACL restriction with CustomerID for DynamicFields at new Ticket screen not working. - Fixed bug9425 - Wrong created date fo...

CVE-2010-1325

Cross-site request forgery CSRF vulnerability in the apache2-slms package in SUSE Lifecycle Management Server SLMS 1.0 on SUSE Linux Enterprise SLE 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the apache2-slms package in SUSE Lifecycle Management Server SLMS 1.0 on SUSE Linux Enterprise SLE 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources...

PHP Toolkit: Data disclosure and Denial of service

Background PHP Toolkit is a utility to manage parallel installations of PHP within Gentoo. It is executed by the PHP ebuilds at setup. Description Toni Arnold, David Sveningsson, Michal Bartoszkiewicz, and Joseph reported that php-select does not quote parameters passed to the "tr" command, which...