This host is installed with OTRS (Open Ticket Request System) or OTRS:ITSM and is prone to information disclosure vulnerability.

Successful exploitation will allow remote attackers to gain access to sensitive information. Impact Level: Application

Upgrade to OTRS (Open Ticket Request System) version 3.0.20, 3.1.16 and 3.2.7 or later, and OTRS::ITSM version 3.2.5, 3.1.9 and 3.0.8 For updates refer to http://www.otrs.com/en/ or Apply patch from the vendor advisory link http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2013-03/

An error exists in application when handling URLs related to the ticket split mechanism

OTRS (Open Ticket Request System) version 3.0.x up to and including 3.0.19, 3.1.x up to and including 3.1.15 and 3.2.x up to and including 3.2.6 OTRS::ITSM 3.1.0 up to and including 3.1.8, 3.0.0 up to and including 3.0.7 and 3.2.0 up to and including 3.2.4

Get the installed version and location of OTRS with the help of detect NVT and check the OTRS and OTRS:ITSM version is vulnerable or not.

• http://osvdb.org/93628
• http://secunia.com/advisories/53496/
• http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2013-03/
• http://www.securityfocus.com/bid/60117

---

Updated on 2015-03-25