[otrs2] [CVE-2008-1515] information disclosure
Bug #214993 reported by
disabled.user
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
otrs2 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: otrs2
Quoting CVE-2008-1515:
"The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 contains "Missing security checks," which allows remote attackers to "read and modify objects" via SOAP requests. "
CVE References
To post a comment you must log in.
I'm confirming this bug. Here's more information : otrs.org/ news/2008/ otrs_2_ 2_6/
http://