-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2015.0460
                     request-tracker4 security update
                             27 February 2015

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           request-tracker4
Publisher:         Debian
Operating System:  Debian GNU/Linux 7
                   UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Denial of Service        -- Remote/Unauthenticated
                   Access Confidential Data -- Remote/Unauthenticated
                   Unauthorised Access      -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-1464 CVE-2015-1165 CVE-2014-9472

Original Bulletin: 
   http://www.debian.org/security/2015/dsa-3176

Comment: This advisory references vulnerabilities in products which run on 
         platforms other than Debian. It is recommended that administrators 
         running request-tracker4 check for an updated version of the 
         software for their operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-3176-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
February 26, 2015                      http://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : request-tracker4
CVE ID         : CVE-2014-9472 CVE-2015-1165 CVE-2015-1464

Multiple vulnerabilities have been discovered in Request Tracker, an
extensible trouble-ticket tracking system. The Common Vulnerabilities
and Exposures project identifies the following problems:

CVE-2014-9472

    Christian Loos discovered a remote denial of service vulnerability,
    exploitable via the email gateway and affecting any installation
    which accepts mail from untrusted sources. Depending on RT's
    logging configuration, a remote attacker can take advantage of
    this flaw to cause excessive CPU and disk usage.

CVE-2015-1165

    Christian Loos discovered an information disclosure flaw which may
    reveal RSS feed URLs, and thus ticket data.

CVE-2015-1464

    It was discovered that RSS feed URLs can be leveraged to perform
    session hijacking, allowing a user with the URL to log in as the
    user that created the feed.

For the stable distribution (wheezy), these problems have been fixed in
version 4.0.7-5+deb7u3.

For the unstable distribution (sid), these problems have been fixed in
version 4.2.8-3.

We recommend that you upgrade your request-tracker4 packages.
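The following is an added example, not part of the Debian advisory or of the
request-tracker4 package: a small Python implementation of the dpkg version
comparison algorithm (epoch, upstream version and Debian revision, with the
usual tilde-sorts-first and digit-run rules) used to decide whether an installed
request-tracker4 version is older than the fixed versions named above. The fixed
versions are taken from this advisory; the dpkg-query output fed to it is a
constructed sample, and the helper names are this example's own.

```python
"""Check installed request-tracker4 versions against DSA-3176-1 fixed versions.

Added example. Implements the dpkg version ordering in pure Python so that
package listings gathered from hosts can be triaged offline.
"""

# Fixed versions quoted from DSA-3176-1 (wheezy and sid).
PACKAGE = "request-tracker4"
FIXED_VERSIONS = {"wheezy": "4.0.7-5+deb7u3", "sid": "4.2.8-3"}


def _order(c):
    """Sort weight of one character in the non-digit parts of a version.
    '~' sorts before everything (even end of string); letters by ASCII;
    other symbols after letters; end of string and digits are 0."""
    if c.isdigit():
        return 0
    if c.isalpha():
        return ord(c)
    if c == "~":
        return -1
    if c:
        return ord(c) + 256
    return 0


def _verrevcmp(a, b):
    """Compare two version fragments the way dpkg's verrevcmp() does:
    alternate non-digit runs (compared by _order) and digit runs
    (compared numerically, ignoring leading zeros)."""
    i = j = 0

    def ch(s, k):
        return s[k] if k < len(s) else ""

    while i < len(a) or j < len(b):
        first_diff = 0
        # Non-digit run: compare character by character.
        while (ch(a, i) and not ch(a, i).isdigit()) or (ch(b, j) and not ch(b, j).isdigit()):
            ac, bc = _order(ch(a, i)), _order(ch(b, j))
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        # Digit run: strip leading zeros, then the longer run wins,
        # otherwise the first differing digit decides.
        while ch(a, i) == "0":
            i += 1
        while ch(b, j) == "0":
            j += 1
        while ch(a, i).isdigit() and ch(b, j).isdigit():
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if ch(a, i).isdigit():
            return 1
        if ch(b, j).isdigit():
            return -1
        if first_diff:
            return first_diff
    return 0


def parse_version(version):
    """Split '[epoch:]upstream[-revision]' into (epoch, upstream, revision)."""
    epoch = 0
    if ":" in version:
        epoch_str, version = version.split(":", 1)
        epoch = int(epoch_str)
    if "-" in version:
        upstream, revision = version.rsplit("-", 1)
    else:
        upstream, revision = version, ""
    return epoch, upstream, revision


def compare_versions(a, b):
    """Return -1, 0 or 1 as Debian version a is older than, equal to, or newer than b."""
    ea, ua, ra = parse_version(a)
    eb, ub, rb = parse_version(b)
    if ea != eb:
        return -1 if ea < eb else 1
    for x, y in ((ua, ub), (ra, rb)):
        c = _verrevcmp(x, y)
        if c:
            return -1 if c < 0 else 1
    return 0


def check_dpkg_output(output, suite):
    """Parse lines shaped like the output of
    dpkg-query -W -f='${Package} ${Version}\\n'
    and return (package, version, vulnerable) for each request-tracker4 entry."""
    fixed = FIXED_VERSIONS[suite]
    results = []
    for line in output.splitlines():
        parts = line.split()
        if len(parts) != 2 or parts[0] != PACKAGE:
            continue
        results.append((parts[0], parts[1], compare_versions(parts[1], fixed) < 0))
    return results


# Constructed sample listing, as if captured from a wheezy host.
SAMPLE_OUTPUT = "request-tracker4 4.0.7-5+deb7u2\nsomeotherpkg 1.2-3\n"

if __name__ == "__main__":
    for pkg, ver, vuln in check_dpkg_output(SAMPLE_OUTPUT, "wheezy"):
        print(pkg, ver, "VULNERABLE" if vuln else "fixed")
```

On a real Debian host the same decision is available natively as
dpkg --compare-versions "$(dpkg-query -W -f='${Version}' request-tracker4)" lt 4.0.7-5+deb7u3;
the Python version is for triaging listings collected from many hosts without
dpkg on the analysis machine.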

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJU71C8AAoJEAVMuPMTQ89ENQAQAJA8agv/2VdDIYAwyv+2FV7M
1Arg6FbVN5tzge0fknMJ1a5vNMIaVnHNO+MPknKOB2+o+O7Lsk6RNW21Wr0PvrmM
Q1VWKBPD8tiPhj7MuEfAWvjz8py0AvZZ2LoiMa05BXTQqWbUvFDNBFE5IdYpnQFS
Zsyzsg0nEqfvwqlcSElD3m9nm0DfRikTkFJ0AHS78+eY0I1J4Zcv8IP3whEu4KBy
Y4HHwpmoClziszw42jpPAUd3FEUVVam/VS53WiQkDLefjyPfVUWnH8Hk4owisk/l
2PNiQ3TkCcCBjF+NAkpgHnPXJ7c2WwQto9WoOyPKVPNH2Defk8+cVkzkpG1vA978
rhdhiVSFaHQ1LcFJvqYiS9b2AMv5O3GDC73/a6/HRNeMspXQBYJ5iCBb+b4iI4PQ
XtjjhaofArxH5eZ9ltEMOWtTeSDbLcCP4vrHYoHacw/1HxeJ9TP/VTm621Mm/31M
O4/ltuQEYVKRzbdVmzUb5USEkkX8RTPNIYPwRmCdOMiOr+DCNd+ast3IzTmRfF4h
jCDnlmsd4/VQSgaiW9cSV9MXxzJ9cZkEMDC/BwlUQt6Cn43IEsdNebjPW8Ndkj6R
0daeEtMBzG10XEd8HE3ZX4wxiSxhM3bV/dV2fcRntK9opWwhmxmxCjRoS27YDAzr
xZG8zRfGJuH4oe4nTa0o
=CWqr
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================