Test ID:	1.3.6.1.4.1.25623.1.0.902509
Category:	Web application abuses
Title:	RT (Request Tracker) Unspecified Security Bypass Vulnerability
Summary:	Request Tracker is prone to unspecified security bypass vulnerability.
Description:	Summary: Request Tracker is prone to unspecified security bypass vulnerability. Vulnerability Insight: The flaw is caused by an unspecified error and can be exploited to trick a user into sending authentication credentials to an untrusted 3rd party server. Vulnerability Impact: Successful exploitation will allow remote attackers to trick users into sending credentials to an arbitrary server via unspecified vectors. Affected Software/OS: RT (Request Tracker) versions 3.6.0 through 3.6.10 and 3.8.0 through 3.8.8. Solution: Upgrade to RT (Request Tracker) version 3.8.10 or 3.6.11. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1690 BugTraq ID: 47383 http://www.securityfocus.com/bid/47383 Debian Security Information: DSA-2220 (Google Search) http://www.debian.org/security/2011/dsa-2220 http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000189.html http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000188.html http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000187.html http://secunia.com/advisories/44189 http://www.vupen.com/english/advisories/2011/1071 XForce ISS Database: rt-unspecified-sec-bypass(66794) https://exchange.xforce.ibmcloud.com/vulnerabilities/66794
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.