English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.10.2017.0325
Category:Mageia Linux Local Security Checks
Title:Mageia: Security Advisory (MGASA-2017-0325)
Summary:The remote host is missing an update for the 'perl-Encode, rt' package(s) announced via the MGASA-2017-0325 advisory.
Description:Summary:
The remote host is missing an update for the 'perl-Encode, rt' package(s) announced via the MGASA-2017-0325 advisory.

Vulnerability Insight:
RT 4.0.0 and above are vulnerable to a limited privilege escalation leading to
unauthorized modification of ticket data. The DeleteTicket right and any
custom lifecycle transition rights may be bypassed by any user with
ModifyTicket (CVE-2012-4733).

RT 3.8.0 and above include a version of bin/rt that uses semi-predictable
names when creating tempfiles. This could possibly be exploited by a
malicious user to overwrite files with permissions of the user running bin/rt
(CVE-2013-3368).

RT 3.8.0 and above allow calling of arbitrary Mason components (without
control of arguments) for users who can see administration pages. This could
be used by a malicious user to run private components which may have negative
side-effects (CVE-2013-3369).

RT 3.8.0 and above allow direct requests to private callback components.
Though no callback components ship with RT, this could be used to exploit an
extension or local callback which uses the arguments passed to it insecurely
(CVE-2013-3370).

RT 3.8.3 and above are vulnerable to cross-site scripting (XSS) via attachment
filenames. The vector is difficult to exploit due to parsing requirements.
Additionally, RT 4.0.0 and above are vulnerable to XSS via maliciously-crafted
'URLs' in ticket content when RT's 'MakeClicky' feature is configured
(CVE-2013-3371).

RT 3.8.0 and above are vulnerable to an HTTP header injection limited to the
value of the Content-Disposition header. Injection of other arbitrary
response headers is not possible. Some (especially older) browsers may allow
multiple Content-Disposition values which could lead to XSS. Newer browsers
contain security measures to prevent this (CVE-2013-3372).

RT 3.8.0 and above are vulnerable to a MIME header injection in outgoing email
generated by RT (CVE-2013-3373).

RT 3.8.0 and above are vulnerable to limited session re-use when using the
file-based session store, Apache::Session::File. RT's default session
configuration only uses Apache::Session::File for Oracle (CVE-2013-3374).

RT 3.0.0 and above, if running on Perl 5.14.0 or higher, are vulnerable to a
remote denial-of-service via the email gateway, any installation which accepts
mail from untrusted sources is vulnerable, regardless of the permissions
configuration inside RT. This denial-of-service may encompass both CPU and
disk usage, depending on RT's logging configuration (CVE-2014-9472).

RT 3.8.8 and above are vulnerable to an information disclosure attack which
may reveal RSS feeds URLs, and thus ticket data (CVE-2015-1165).

RSS feed URLs can also be leveraged to perform session hijacking, allowing a
user with the URL to log in as the user that created the feed (CVE-2015-1464).

RT 4.0.0 and above are vulnerable to a cross-site scripting (XSS) attack via
the user and group rights management pages (CVE-2015-5475).

RT 4.2.0 and above are vulnerable to a cross-site scripting (XSS) attack
via the cryptography interface. ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'perl-Encode, rt' package(s) on Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-4733
http://lists.bestpractical.com/pipermail/rt-announce/2013-May/000227.html
http://lists.bestpractical.com/pipermail/rt-announce/2013-May/000226.html
http://www.osvdb.org/93611
http://secunia.com/advisories/53522
Common Vulnerability Exposure (CVE) ID: CVE-2013-3368
Debian Security Information: DSA-2670 (Google Search)
http://www.debian.org/security/2012/dsa-2670
http://lists.bestpractical.com/pipermail/rt-announce/2013-May/000228.html
http://www.osvdb.org/93612
http://secunia.com/advisories/53505
Common Vulnerability Exposure (CVE) ID: CVE-2013-3369
http://www.osvdb.org/93610
Common Vulnerability Exposure (CVE) ID: CVE-2013-3370
http://www.osvdb.org/93609
Common Vulnerability Exposure (CVE) ID: CVE-2013-3371
http://www.osvdb.org/93608
Common Vulnerability Exposure (CVE) ID: CVE-2013-3372
http://www.osvdb.org/93607
Common Vulnerability Exposure (CVE) ID: CVE-2013-3373
http://www.osvdb.org/93606
Common Vulnerability Exposure (CVE) ID: CVE-2013-3374
http://www.osvdb.org/93605
Common Vulnerability Exposure (CVE) ID: CVE-2014-9472
BugTraq ID: 72832
http://www.securityfocus.com/bid/72832
Debian Security Information: DSA-3176 (Google Search)
http://www.debian.org/security/2015/dsa-3176
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154213.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154047.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-1165
Common Vulnerability Exposure (CVE) ID: CVE-2015-1464
Common Vulnerability Exposure (CVE) ID: CVE-2015-5475
BugTraq ID: 76364
http://www.securityfocus.com/bid/76364
Debian Security Information: DSA-3335 (Google Search)
http://www.debian.org/security/2015/dsa-3335
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164607.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165163.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165124.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-6127
BugTraq ID: 99375
http://www.securityfocus.com/bid/99375
Debian Security Information: DSA-3882 (Google Search)
http://www.debian.org/security/2017/dsa-3882
Common Vulnerability Exposure (CVE) ID: CVE-2017-5361
Debian Security Information: DSA-3883 (Google Search)
http://www.debian.org/security/2017/dsa-3883
Common Vulnerability Exposure (CVE) ID: CVE-2017-5943
BugTraq ID: 99384
http://www.securityfocus.com/bid/99384
Common Vulnerability Exposure (CVE) ID: CVE-2017-5944
BugTraq ID: 99381
http://www.securityfocus.com/bid/99381
CopyrightCopyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.