Debian Security Advisory DSA 2231-1 (otrs2) Network Vulnerability

Summary

The remote host is missing an update to otrs2 announced via advisory DSA 2231-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202231-1

Insight

Multiple cross-site scripting vulnerabilities were discovered in Open Ticket Request System (OTRS), a trouble-ticket system. (CVE-2011-1518) In addition, this security update a failure when upgrading the package from lenny to squeeze. The oldstable distribution (lenny) is not affected by this problem. For the stable distribution (squeeze), this problem has been fixed in version 2.4.9+dfsg1-3+squeeze1. For the unstable distribution (sid), this problem has been fixed in version 2.4.10+dfsg1-1. We recommend that you upgrade your otrs2 packages.

Severity

Classification

CVE CVE-2011-1518

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Debian Security Advisory DSA 1122-1 (libnet-server-perl)
Debian Security Advisory DSA 1071-1 (mysql)
Debian Security Advisory DSA 1053-1 (mozilla)
Debian Security Advisory DSA 055-1 (gftp)
Debian Security Advisory DSA 1077-1 (lynx-ssl)

Take action and discover your vulnerabilities