TITLE: Debian update for otrs SECUNIA ADVISORY ID: SA18887 VERIFY ADVISORY: http://secunia.com/advisories/18887/ CRITICAL: Moderately critical IMPACT: Manipulation of data, Cross Site Scripting WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ Debian GNU/Linux 3.1 http://secunia.com/product/5307/ DESCRIPTION: Debian has issued an update for otrs. This fixes some vulnerabilities, which can be exploited by malicious people to conduct SQL injection, script insertion, and cross-site scripting attacks. For more information: SA17685 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/o/otrs/otrs_1.3.2p01-6.dsc Size/MD5 checksum: 600 0dd0acec3580502a8f9ecf061ed931de http://security.debian.org/pool/updates/main/o/otrs/otrs_1.3.2p01-6.diff.gz Size/MD5 checksum: 15917 f94589b636198b60b76d36ce074dc04f http://security.debian.org/pool/updates/main/o/otrs/otrs_1.3.2p01.orig.tar.gz Size/MD5 checksum: 6639786 8861ace308c6f058b331fbd0e8437f0c Architecture independent components: http://security.debian.org/pool/updates/main/o/otrs/otrs-doc-de_1.3.2p01-6_all.deb Size/MD5 checksum: 3005222 9783133f230474fabdca9b6fa30ea1d9 http://security.debian.org/pool/updates/main/o/otrs/otrs-doc-en_1.3.2p01-6_all.deb Size/MD5 checksum: 2312748 2cd8499682e6b4a5fd3ad7472329a3da http://security.debian.org/pool/updates/main/o/otrs/otrs_1.3.2p01-6_all.deb Size/MD5 checksum: 920580 c29a6b599e31d7b5a847f2f74b658a3c -- Debian GNU/Linux unstable alias sid -- Fixed in version 2.0.4p01-1. ORIGINAL ADVISORY: http://www.debian.org/security/2006/dsa-973 OTHER REFERENCES: SA17685: http://secunia.com/advisories/17685/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------