Lucene search

K
ubuntucveUbuntu.comUB:CVE-2011-2084
HistoryJun 04, 2012 - 12:00 a.m.

CVE-2011-2084

2012-06-0400:00:00
ubuntu.com
ubuntu.com
8

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

50.9%

Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 allows
remote authenticated users to read (1) hashes of former passwords and (2)
ticket correspondence history by leveraging access to a privileged account.

Bugs

Notes

Author Note
jdstrand regressions found in DSA-2480 (see bugs)
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchrequest-tracker3.8< 3.8.7-1ubuntu2.3UNKNOWN
ubuntu11.10noarchrequest-tracker3.8< 3.8.10-1ubuntu0.1UNKNOWN
ubuntu12.04noarchrequest-tracker3.8< 3.8.11-1ubuntu0.1UNKNOWN

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

50.9%

Related for UB:CVE-2011-2084