Secunia
Login
|
|
|
|
|
|
|
|
|
Debian update for request-tracker3.8
Release Date: 2012-05-25 Last Update: 2012-09-17 Views: 805
Secunia Advisory SA49275
Where:
From remote
Impact:
Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of sensitive information, System access,
Solution Status:
Vendor Patch
CVE Reference(s):
Description
Debian has issued an update for request-tracker3.8. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information, conduct SQL injection attacks, and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks, cross-site request forgery attacks, and compromise a vulnerable system.
For more information:
SA49259
Solution:
Apply updated packages via the apt-get package manager.
Further details available to Secunia VIM customers
Original Advisory:
DSA-2480-1:
http://lists.debian.org/debian-security-announce/2012/msg00117.html
DSA-2480-2:
http://lists.debian.org/debian-security-announce/2012/msg00118.html
DSA-2480-3:
http://www.debian.org/security/2012/dsa-2480
DSA-2480-4:
http://www.debian.org/security/2012/dsa-2480.html
Deep Links:
Links available to Secunia VIM customers
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com
Subject: Debian update for request-tracker3.8
|
No posts yet |
|
You must be logged in to post a comment. |
