Debian Local Security Checks : Debian: Security Advisory (DSA-2220-1)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.1.1.1.2011.2220

Category: Debian Local Security Checks

Title: Debian: Security Advisory (DSA-2220-1)

Summary: The remote host is missing an update for the Debian 'request-tracker3.6, request-tracker3.8' package(s) announced via the DSA-2220-1 advisory.

Description: Summary:
The remote host is missing an update for the Debian 'request-tracker3.6, request-tracker3.8' package(s) announced via the DSA-2220-1 advisory.

Vulnerability Insight:
Several vulnerabilities were discovered in Request Tracker, an issue tracking system.

CVE-2011-1685

If the external custom field feature is enabled, Request Tracker allows authenticated users to execute arbitrary code with the permissions of the web server, possible triggered by a cross-site request forgery attack. (External custom fields are disabled by default.)

CVE-2011-1686

Multiple SQL injection attacks allow authenticated users to obtain data from the database in an unauthorized way.

CVE-2011-1687

An information leak allows an authenticated privileged user to obtain sensitive information, such as encrypted passwords, via the search interface.

CVE-2011-1688

When running under certain web servers (such as Lighttpd), Request Tracker is vulnerable to a directory traversal attack, allowing attackers to read any files accessible to the web server. Request Tracker instances running under Apache or Nginx are not affected.

CVE-2011-1689

Request Tracker contains multiple cross-site scripting vulnerabilities.

CVE-2011-1690

Request Tracker enables attackers to redirect authentication credentials supplied by legitimate users to third-party servers.

For the oldstable distribution (lenny), these problems have been fixed in version 3.6.7-5+lenny6 of the request-tracker3.6 package.

For the stable distribution (squeeze), these problems have been fixed in version 3.8.8-7+squeeze1 of the request-tracker3.8 package.

For the testing distribution (wheezy) and the unstable distribution (sid), these problems have been fixed in version 3.8.10-1 of the request-tracker3.8 package.

We recommend that you upgrade your Request Tracker packages.

Affected Software/OS:
'request-tracker3.6, request-tracker3.8' package(s) on Debian 5, Debian 6.

Solution:
Please install the updated package(s).

CVSS Score:
6.5

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-1685
BugTraq ID: 47383
http://www.securityfocus.com/bid/47383
Debian Security Information: DSA-2220 (Google Search)
http://www.debian.org/security/2011/dsa-2220
http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000188.html
http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000187.html
http://secunia.com/advisories/44189
http://www.vupen.com/english/advisories/2011/1071
XForce ISS Database: rt-externalcustomfield-code-exec(66791)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66791
Common Vulnerability Exposure (CVE) ID: CVE-2011-1686
http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000189.html
XForce ISS Database: rt-unspec-sql-injection(66792)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66792
Common Vulnerability Exposure (CVE) ID: CVE-2011-1687
XForce ISS Database: rt-search-interface-info-disclosure(66793)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66793
Common Vulnerability Exposure (CVE) ID: CVE-2011-1688
XForce ISS Database: rt-unspecified-dir-traversal(66795)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66795
Common Vulnerability Exposure (CVE) ID: CVE-2011-1689
XForce ISS Database: rt-unspec-xss(66796)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66796
Common Vulnerability Exposure (CVE) ID: CVE-2011-1690
XForce ISS Database: rt-unspecified-sec-bypass(66794)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66794

Copyright Copyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.1.1.2011.2220
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-2220-1)
Summary:	The remote host is missing an update for the Debian 'request-tracker3.6, request-tracker3.8' package(s) announced via the DSA-2220-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'request-tracker3.6, request-tracker3.8' package(s) announced via the DSA-2220-1 advisory. Vulnerability Insight: Several vulnerabilities were discovered in Request Tracker, an issue tracking system. CVE-2011-1685 If the external custom field feature is enabled, Request Tracker allows authenticated users to execute arbitrary code with the permissions of the web server, possible triggered by a cross-site request forgery attack. (External custom fields are disabled by default.) CVE-2011-1686 Multiple SQL injection attacks allow authenticated users to obtain data from the database in an unauthorized way. CVE-2011-1687 An information leak allows an authenticated privileged user to obtain sensitive information, such as encrypted passwords, via the search interface. CVE-2011-1688 When running under certain web servers (such as Lighttpd), Request Tracker is vulnerable to a directory traversal attack, allowing attackers to read any files accessible to the web server. Request Tracker instances running under Apache or Nginx are not affected. CVE-2011-1689 Request Tracker contains multiple cross-site scripting vulnerabilities. CVE-2011-1690 Request Tracker enables attackers to redirect authentication credentials supplied by legitimate users to third-party servers. For the oldstable distribution (lenny), these problems have been fixed in version 3.6.7-5+lenny6 of the request-tracker3.6 package. For the stable distribution (squeeze), these problems have been fixed in version 3.8.8-7+squeeze1 of the request-tracker3.8 package. For the testing distribution (wheezy) and the unstable distribution (sid), these problems have been fixed in version 3.8.10-1 of the request-tracker3.8 package. We recommend that you upgrade your Request Tracker packages. Affected Software/OS: 'request-tracker3.6, request-tracker3.8' package(s) on Debian 5, Debian 6. Solution: Please install the updated package(s). CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1685 BugTraq ID: 47383 http://www.securityfocus.com/bid/47383 Debian Security Information: DSA-2220 (Google Search) http://www.debian.org/security/2011/dsa-2220 http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000188.html http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000187.html http://secunia.com/advisories/44189 http://www.vupen.com/english/advisories/2011/1071 XForce ISS Database: rt-externalcustomfield-code-exec(66791) https://exchange.xforce.ibmcloud.com/vulnerabilities/66791 Common Vulnerability Exposure (CVE) ID: CVE-2011-1686 http://lists.bestpractical.com/pipermail/rt-announce/2011-April/000189.html XForce ISS Database: rt-unspec-sql-injection(66792) https://exchange.xforce.ibmcloud.com/vulnerabilities/66792 Common Vulnerability Exposure (CVE) ID: CVE-2011-1687 XForce ISS Database: rt-search-interface-info-disclosure(66793) https://exchange.xforce.ibmcloud.com/vulnerabilities/66793 Common Vulnerability Exposure (CVE) ID: CVE-2011-1688 XForce ISS Database: rt-unspecified-dir-traversal(66795) https://exchange.xforce.ibmcloud.com/vulnerabilities/66795 Common Vulnerability Exposure (CVE) ID: CVE-2011-1689 XForce ISS Database: rt-unspec-xss(66796) https://exchange.xforce.ibmcloud.com/vulnerabilities/66796 Common Vulnerability Exposure (CVE) ID: CVE-2011-1690 XForce ISS Database: rt-unspecified-sec-bypass(66794) https://exchange.xforce.ibmcloud.com/vulnerabilities/66794
Copyright	Copyright (C) 2023 Greenbone AG