|Category:||Debian Local Security Checks|
|Title:||Debian LTS Advisory ([SECURITY] [DLA 1521-1] otrs2 security update)|
|Summary:||Fabien Arnoux discovered several security issues in email validation;of otrs system.;;CVE-2018-16586;;Load external image or CSS resources in browser when user opens a;malicious email.;;CVE-2018-16587;;Remote deletions of arbitrary files that the OTRS web server user;has write access when opening malicious email.|
Fabien Arnoux discovered several security issues in email validation
of otrs system.
Load external image or CSS resources in browser when user opens a
Remote deletions of arbitrary files that the OTRS web server user
has write access when opening malicious email.
OTRS is an Open source Ticket Request System (also well known as
trouble ticket system) with many features to manage customer telephone
calls and e-mails. The system is built to allow your support, sales,
pre-sales, billing, internal IT, helpdesk, etc. department to react
quickly to inbound inquiries. For a detailed documentation see package
otrs-doc-en or otrs-doc-de.
otrs2 on Debian Linux
For Debian 8 'Jessie', these problems have been fixed in version
We recommend that you upgrade your otrs2 packages.
Common Vulnerability Exposure (CVE) ID: CVE-2018-16586|
Common Vulnerability Exposure (CVE) ID: CVE-2018-16587
|Copyright||Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net|
|This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.