SB2011031811 - Multiple vulnerabilities in OTRS
Published: March 18, 2011 Updated: August 11, 2020
Description
This security bulletin contains information about 3 security vulnerabilities.
1) Input validation error (CVE-ID: CVE-2010-4759)
The vulnerability allows a remote authenticated user to cause a denial of service.
Open Ticket Request System (OTRS) before 3.0.0-beta7 does not properly restrict the ticket ages that are within the scope of a search, which allows remote authenticated users to cause a denial of service (daemon hang) via a fulltext search.
2) Information disclosure (CVE-ID: CVE-2010-4760)
The vulnerability allows a remote authenticated user to gain access to sensitive information.
Open Ticket Request System (OTRS) before 3.0.0-beta6 adds email-notification-ext articles to tickets during processing of event-based notifications, which allows remote authenticated users to obtain potentially sensitive information by reading a ticket.
3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2010-4761)
The vulnerability allows a remote authenticated user to gain access to sensitive information.
The customer-interface ticket-print dialog in Open Ticket Request System (OTRS) before 3.0.0-beta3 does not properly restrict customer-visible data, which allows remote authenticated users to obtain potentially sensitive information from the (1) responsible, (2) owner, (3) accounted time, (4) pending until, and (5) lock fields by reading this dialog.
Remediation
Install the update from the vendor's website.
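The three issues above are fixed at different pre-release versions (3.0.0-beta7, 3.0.0-beta6 and 3.0.0-beta3), so a plain string comparison of version numbers gives wrong answers. The following is an added example, not part of the original bulletin or of OTRS: a triage helper that applies the bulletin's "before" thresholds literally to an installed version string. The function names, the accepted version spellings and the ordering beta < rc < final are assumptions.

```python
import re

# Fix thresholds exactly as stated in the bulletin ("before <version>").
FIXED_IN = {
    "CVE-2010-4759": "3.0.0-beta7",
    "CVE-2010-4760": "3.0.0-beta6",
    "CVE-2010-4761": "3.0.0-beta3",
}

# Assumed pre-release ordering: beta < rc < final release.
_STAGE = {"beta": 0, "rc": 1, None: 2}
_VERSION_RE = re.compile(
    r"^\s*(\d+)\.(\d+)\.(\d+)(?:[-_. ]?(beta|rc)[-_. ]?(\d+))?\s*$", re.IGNORECASE
)


def parse_version(text):
    """Return a sortable key for strings like '2.4.9', '3.0.0-beta7', '3.0.0 beta7'."""
    m = _VERSION_RE.match(text)
    if not m:
        # Fail closed: an unparseable version must be checked by hand.
        raise ValueError(f"unrecognised OTRS version string: {text!r}")
    major, minor, patch = (int(m.group(i)) for i in (1, 2, 3))
    stage = m.group(4).lower() if m.group(4) else None
    stage_num = int(m.group(5)) if m.group(5) else 0
    return (major, minor, patch, _STAGE[stage], stage_num)


def affected_cves(installed):
    """List the bulletin's CVEs whose fix threshold is above the installed version."""
    key = parse_version(installed)
    return sorted(cve for cve, fixed in FIXED_IN.items() if key < parse_version(fixed))


if __name__ == "__main__":
    # Constructed sample versions, not taken from any real deployment.
    for v in ("2.4.9", "3.0.0-beta2", "3.0.0 beta5", "3.0.0-beta6", "3.0.0-rc1", "3.0.0"):
        print(f"{v:12} -> {affected_cves(v) or 'not affected by this bulletin'}")
```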