371499 – www-apps/otrs: Multiple vulnerabilities (CVE-2010-{4759,4760,4761,4762,4763,4764,4765,4766,4767,4768},CVE-2011-{0456,1433,1518})

Bug 371499 - www-apps/otrs: Multiple vulnerabilities (CVE-2010-{4759,4760,4761,4762,4763,4764,4765,4766,4767,4768},CVE-2011-{0456,1433,1518})

Summary: www-apps/otrs: Multiple vulnerabilities (CVE-2010-{4759,4760,4761,4762,4763,4...

Status:	RESOLVED INVALID

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal trivial (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	~1 [ebuild]
Keywords:

Depends on:
Blocks:

Reported:	2011-06-13 21:10 UTC by GLSAMaker/CVETool Bot
Modified:	2011-06-13 21:13 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description GLSAMaker/CVETool Bot gentoo-dev

2011-06-13 21:10:37 UTC

CVE-2011-1518 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1518):
  Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request
  System (OTRS) 2.4.x before 2.4.10 and 3.x before 3.0.7 allow remote
  attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2011-1433 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1433):
  The (1) AgentInterface and (2) CustomerInterface components in Open Ticket
  Request System (OTRS) before 3.0.6 place cleartext credentials into the
  session data in the database, which makes it easier for context-dependent
  attackers to obtain sensitive information by reading the _UserLogin and
  _UserPW fields.

CVE-2011-0456 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0456):
  webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and earlier allows
  remote attackers to execute arbitrary commands via unspecified vectors,
  related to a "command injection vulnerability."

CVE-2010-4768 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4768):
  Open Ticket Request System (OTRS) before 2.3.5 does not properly disable
  hidden permissions, which allows remote authenticated users to bypass
  intended queue access restrictions in opportunistic circumstances by
  visiting a ticket, related to a certain ordering of permission-set and
  permission-remove operations involving both hidden permissions and other
  permissions.

CVE-2010-4767 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4767):
  Open Ticket Request System (OTRS) before 2.3.6 does not properly handle
  e-mail messages in which the From line contains UTF-8 characters associated
  with diacritical marks and an invalid charset, which allows remote attackers
  to cause a denial of service (duplicate tickets and duplicate
  auto-responses) by sending a crafted message to a POP3 mailbox.

CVE-2010-4766 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4766):
  The AgentTicketForward feature in Open Ticket Request System (OTRS) before
  2.4.7 does not properly remove inline images from HTML e-mail messages,
  which allows remote attackers to obtain potentially sensitive image
  information in opportunistic circumstances by reading a forwarded message in
  a standard e-mail client.

CVE-2010-4765 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4765):
  Race condition in the Kernel::System::Main::FileWrite method in Open Ticket
  Request System (OTRS) before 2.4.8 allows remote authenticated users to
  corrupt the TicketCounter.log data in opportunistic circumstances by
  creating tickets.

CVE-2010-4764 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4764):
  Open Ticket Request System (OTRS) before 2.4.10, and 3.x before 3.0.3, does
  not present warnings about incoming encrypted e-mail messages that were
  based on revoked PGP or GPG keys, which makes it easier for remote attackers
  to spoof e-mail communication by leveraging a key that has a revocation
  signature.

CVE-2010-4763 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4763):
  The ACL-customer-status Ticket Type setting in Open Ticket Request System
  (OTRS) before 3.0.0-beta1 does not restrict the ticket options after an AJAX
  reload, which allows remote authenticated users to bypass intended ACL
  restrictions on the (1) Status, (2) Service, and (3) Queue via selections.

CVE-2010-4762 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4762):
  Cross-site scripting (XSS) vulnerability in the rich-text-editor component
  in Open Ticket Request System (OTRS) before 3.0.0-beta2 allows remote
  authenticated users to inject arbitrary web script or HTML by using the
  "source code" feature in the customer interface.

CVE-2010-4761 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4761):
  The customer-interface ticket-print dialog in Open Ticket Request System
  (OTRS) before 3.0.0-beta3 does not properly restrict customer-visible data,
  which allows remote authenticated users to obtain potentially sensitive
  information from the (1) responsible, (2) owner, (3) accounted time, (4)
  pending until, and (5) lock fields by reading this dialog.

CVE-2010-4760 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4760):
  Open Ticket Request System (OTRS) before 3.0.0-beta6 adds
  email-notification-ext articles to tickets during processing of event-based
  notifications, which allows remote authenticated users to obtain potentially
  sensitive information by reading a ticket.

CVE-2010-4759 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4759):
  Open Ticket Request System (OTRS) before 3.0.0-beta7 does not properly
  restrict the ticket ages that are within the scope of a search, which allows
  remote authenticated users to cause a denial of service (daemon hang) via a
  fulltext search.

Comment 1 Alex Legler (RETIRED) archtester

2011-06-13 21:13:25 UTC

Sorry for the dupes.