Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1690

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1690
Last Modified 11 May 2011 03:25:43
Published 22 Apr 2011 06:55:02
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1690

Summary

Best Practical Solutions RT 3.6.0 through 3.6.10 and 3.8.0 through 3.8.8 allows remote attackers to trick users into sending credentials to an arbitrary server via unspecified vectors.

Vulnerable Systems

Application

  • Bestpractical Rt 3.6.0

  • Bestpractical Rt 3.6.1

  • Bestpractical Rt 3.6.10

  • Bestpractical Rt 3.6.2

  • Bestpractical Rt 3.6.3

  • Bestpractical Rt 3.6.4

  • Bestpractical Rt 3.6.5

  • Bestpractical Rt 3.6.6

  • Bestpractical Rt 3.6.7

  • Bestpractical Rt 3.6.8

  • Bestpractical Rt 3.6.9

  • Bestpractical Rt 3.8.0

  • Bestpractical Rt 3.8.1

  • Bestpractical Rt 3.8.2

  • Bestpractical Rt 3.8.3

  • Bestpractical Rt 3.8.4

  • Bestpractical Rt 3.8.5

  • Bestpractical Rt 3.8.6

  • Bestpractical Rt 3.8.7

  • Bestpractical Rt 3.8.8


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=696795

MLIST - [rt-announce] 20110414 RT 3.6.11 Released - Security Release

MLIST - [rt-announce] 20110414 RT 3.8.10 Released - Security Release

MLIST - [rt-announce] 20110414 Security vulnerabilities in RT

XF - rt-unspecified-sec-bypass(66794)

VUPEN - ADV-2011-1071

BID - 47383

DEBIAN - DSA-2220

SECUNIA - 44189

CONFIRM - http://blog.bestpractical.com/2011/04/security-vulnerabilities-in-rt.html


Last Updated: 27 May 2016 10:56:24