DSA-2220-1 request-tracker3.6, request-tracker3.8 -- severalID: oval:org.secpod.oval:def:600543 | Date: (C)2011-07-05 (M)2022-10-10 |
Class: PATCH | Family: unix |
Several vulnerabilities were in Request Tracker, an issue tracking system. CVE-2011-1685 If the external custom field feature is enabled, Request Tracker allows authenticated users to execute arbitrary code with the permissions of the web server, possible triggered by a cross-site request forgery attack. CVE-2011-1686 Multiple SQL injection attacks allow authenticated users to obtain data from the database in an unauthorized way. CVE-2011-1687 An information leak allows an authenticated privileged user to obtain sensitive information, such as encrypted passwords, via the search interface. CVE-2011-1688 When running under certain web servers , Request Tracker is vulnerable to a directory traversal attack, allowing attackers to read any files accessible to the web server. Request Tracker instances running under Apache or Nginx are not affected. CVE-2011-1689 Request Tracker contains multiple cross-site scripting vulnerabilities. CVE-2011-1690 Request Tracker enables attackers to redirect authentication credentials supplied by legitimate users to third-party servers.
Platform: |
Debian 5.0 |
Debian 6.0 |
Product: |
request-tracker3.6 |
request-tracker3.8 |