Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-1165

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2015-1165
Last Modified 09 Apr 2015 10:00:12
Published 09 Mar 2015 10:59:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-1165

Summary

RT (aka Request Tracker) 3.8.8 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to obtain sensitive RSS feed URLs and ticket data via unspecified vectors.

Vulnerable Systems

Operating System

  • Debian Linux 7.0

  • Fedoraproject Fedora 22

Application

  • Bestpractical Request Tracker 3.8.10

  • Bestpractical Request Tracker 3.8.11

  • Bestpractical Request Tracker 3.8.12

  • Bestpractical Request Tracker 3.8.13

  • Bestpractical Request Tracker 3.8.14

  • Bestpractical Request Tracker 3.8.15

  • Bestpractical Request Tracker 3.8.16

  • Bestpractical Request Tracker 3.8.17

  • Bestpractical Request Tracker 3.8.8

  • Bestpractical Request Tracker 3.8.9

  • Bestpractical Request Tracker 4.0.0

  • Bestpractical Request Tracker 4.0.1

  • Bestpractical Request Tracker 4.0.10

  • Bestpractical Request Tracker 4.0.11

  • Bestpractical Request Tracker 4.0.12

  • Bestpractical Request Tracker 4.0.13

  • Bestpractical Request Tracker 4.0.14

  • Bestpractical Request Tracker 4.0.15

  • Bestpractical Request Tracker 4.0.16

  • Bestpractical Request Tracker 4.0.17

  • Bestpractical Request Tracker 4.0.18

  • Bestpractical Request Tracker 4.0.19

  • Bestpractical Request Tracker 4.0.2

  • Bestpractical Request Tracker 4.0.20

  • Bestpractical Request Tracker 4.0.21

  • Bestpractical Request Tracker 4.0.22

  • Bestpractical Request Tracker 4.0.3

  • Bestpractical Request Tracker 4.0.4

  • Bestpractical Request Tracker 4.0.5

  • Bestpractical Request Tracker 4.0.6

  • Bestpractical Request Tracker 4.0.7

  • Bestpractical Request Tracker 4.0.8

  • Bestpractical Request Tracker 4.0.9

  • Bestpractical Request Tracker 4.2.0

  • Bestpractical Request Tracker 4.2.1

  • Bestpractical Request Tracker 4.2.2

  • Bestpractical Request Tracker 4.2.3

  • Bestpractical Request Tracker 4.2.4

  • Bestpractical Request Tracker 4.2.5

  • Bestpractical Request Tracker 4.2.6

  • Bestpractical Request Tracker 4.2.7

  • Bestpractical Request Tracker 4.2.8

  • Bestpractical Request Tracker 4.2.9


References

DEBIAN - DSA-3176

CONFIRM - http://blog.bestpractical.com/2015/02/security-vulnerabilities-in-rt.html

FEDORA - FEDORA-2015-4698

FEDORA - FEDORA-2015-4666


Last Updated: 27 May 2016 11:08:00