Lucene search
Ubuntu.comUB:CVE-2011-1008HistoryFeb 28, 2011 - 12:00 a.m.
CVE-2011-1008
2011-02-2800:00:00
ubuntu.com
ubuntu.com
10
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
61.7%
Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not
properly restrict access to a TicketObj in a Scrip after a CurrentUser
change, which allows remote authenticated users to obtain sensitive
information via unspecified vectors, as demonstrated by custom-field value
information, related to SQL logging.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | request-tracker3.8 | < 3.8.7-1ubuntu2.2 | UNKNOWN |
| ubuntu | 10.10 | noarch | request-tracker3.8 | < 3.8.8-4ubuntu0.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | request-tracker3.8 | < 3.8.10-1 | UNKNOWN |
Related
cve
cve
CVE-2011-1008
2011-02-28 16:00:01
cvelist
cvelist
CVE-2011-1008
2011-02-28 15:00:00
prion
prion
Design/Logic Flaw
2011-02-28 16:00:00
nvd
nvd
CVE-2011-1008
2011-02-28 16:00:01
openvas
openvas
RT (Request Tracker) Multiple Vulnerabilities
2011-03-09 00:00:00
RT (Request Tracker) Multiple Vulnerabilities
2011-03-09 00:00:00
nessus
nessus
Request Tracker 3.x < 3.8.9 Security Bypass and Information Disclosure
2011-02-25 00:00:00
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
61.7%
Related for UB:CVE-2011-1008