This host is installed with OTRS (Open Ticket Request System) Help Desk and is prone to privilege escalation vulnerability.

Successful exploitation will allow remote attackers to gain access to and make changes to ticket data of other users. Impact Level: Application

Upgrade to OTRS Help Desk version 3.2.17 or 3.3.11 or 4.0.3 or later. For updates refer http://www.otrs.com

The error exists due to error in the 'GenericInterface' that is due to a lack of sufficient permission checks.

OTRS Help Desk versions 3.2.x before 3.2.17, 3.3.x before 3.3.11, and 4.0.x before 4.0.3

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

• http://osvdb.org/116024
• http://secunia.com/advisories/59875
• https://www.otrs.com/security-advisory-2014-06-incomplete-access-control

---

Updated on 2015-03-25