Lucene search
SuseOPENSUSE-SU-2017:3054-1HistoryNov 23, 2017 - 6:09 p.m.
Security update for otrs (important)
2017-11-2318:09:38
lists.opensuse.org
218
EPSS
0.002
Percentile
65.0%
This update for otrs fixes the following security issues:
- CVE-2017-15864: Remote authenticated attackers could have caused otrs to
disclose configuration information, including database credentials
(boo#1068677, OSA-2017-06) - CVE-2017-16664: Remote authenticated attackers could have caused the
execution of shell commands with the permission of the web server user
(boo#1069391, OSA-2017-07)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 42.2 | noarch | otrs | < 3.3.20-5.11.1 | otrs-3.3.20-5.11.1.noarch.rpm |
| openSUSE Leap | 42.2 | noarch | otrs-doc | < 3.3.20-5.11.1 | otrs-doc-3.3.20-5.11.1.noarch.rpm |
| openSUSE Leap | 42.3 | noarch | otrs | < 3.3.20-14.1 | otrs-3.3.20-14.1.noarch.rpm |
| openSUSE Leap | 42.2 | noarch | otrs-itsm | < 3.3.14-5.11.1 | otrs-itsm-3.3.14-5.11.1.noarch.rpm |
| openSUSE Leap | 42.3 | noarch | otrs-itsm | < 3.3.14-14.1 | otrs-itsm-3.3.14-14.1.noarch.rpm |
| openSUSE Leap | 42.3 | noarch | otrs-doc | < 3.3.20-14.1 | otrs-doc-3.3.20-14.1.noarch.rpm |
Related
debian
debian
[SECURITY] [DSA 4047-1] otrs2 security update
2017-11-23 22:09:39
[SECURITY] [DLA 1212-1] otrs2 security update
2017-12-19 20:42:01
nessus
nessus
openSUSE Security Update : otrs (openSUSE-2017-1291)
2017-11-27 00:00:00
Debian DSA-4047-1 : otrs2 - security update
2017-11-27 00:00:00
Debian DLA-1212-1 : otrs2 security update
2017-12-20 00:00:00
openvas
openvas
openSUSE: Security Advisory for otrs (openSUSE-SU-2017:3054-1)
2017-11-24 00:00:00
Debian: Security Advisory (DSA-4047-1)
2017-11-22 00:00:00
Debian: Security Advisory (DLA-1212-1)
2023-03-08 00:00:00
osv
osv
otrs2 - security update
2017-12-19 00:00:00
otrs2 - security update
2017-11-23 00:00:00
CVE-2017-16664
2017-11-21 14:29:00
cve
cve
CVE-2017-16664
2017-11-21 14:29:00
CVE-2017-15864
2017-11-16 15:29:00
cvelist
cvelist
CVE-2017-16664
2017-11-21 14:00:00
CVE-2017-15864
2017-11-16 15:00:00
debiancve
debiancve
CVE-2017-16664
2017-11-21 14:29:00
CVE-2017-15864
2017-11-16 15:29:00
nvd
nvd
CVE-2017-16664
2017-11-21 14:29:00
CVE-2017-15864
2017-11-16 15:29:00
prion
prion
Code injection
2017-11-21 14:29:00
Information disclosure
2017-11-16 15:29:00
ubuntucve
ubuntucve
CVE-2017-16664
2017-11-21 00:00:00
CVE-2017-15864
2017-11-16 00:00:00
freebsd
freebsd
OTRS -- Multiple vulnerabilities
2017-11-21 00:00:00