Parent Directory | Revision Log
MGASA-2013-0196
1 | davidwhodgins | 114 | type: security |
2 | subject: Updated otrs package fixes security vulnerabilities | ||
3 | CVE: | ||
4 | - CVE-2013-3551 | ||
5 | - CVE-2013-4088 | ||
6 | src: | ||
7 | 2: | ||
8 | core: | ||
9 | - otrs-3.2.8-1.mga2 | ||
10 | 3: | ||
11 | core: | ||
12 | - otrs-3.2.8-1.mga3 | ||
13 | description: | | ||
14 | An attacker with a valid agent login could manipulate URLs in the ticket | ||
15 | watch mechanism to see contents of tickets they are not permitted to see | ||
16 | (CVE-2013-3551, CVE-2013-4088). | ||
17 | references: | ||
18 | - https://bugs.mageia.org/show_bug.cgi?id=10352 | ||
19 | - http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2013-03/ | ||
20 | - http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2013-04/ | ||
21 | - http://www.debian.org/security/2013/dsa-2696 | ||
22 | - http://www.debian.org/security/2013/dsa-2712 | ||
23 | boklm | 127 | ID: MGASA-2013-0196 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |