CVE-2012-6581
https://notcve.org/view.php?id=CVE-2012-6581
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to bypass intended restrictions on reading keys in the product's keyring, and trigger outbound e-mail messages signed by an arbitrary stored secret key, by leveraging a UI e-mail signing privilege. Best Practical Solutions RT 3.8.x anterior a 3.8.15 y 4.0.x anterior a 4.0.8, cuando GnuPG está activado, permite a atacantes remotos evitar las restricciones de acceso establecidas mediante la lectura del keyring del producto y provocar una salida de mensajes de correo a través de una clave almacenada de su elección, aprovechando los privilegios de firmado del UI e-mail. • http://lists.bestpractical.com/pipermail/rt-announce/2012-October/000212.html • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-6580
https://notcve.org/view.php?id=CVE-2012-6580
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote attackers to spoof details of a message's origin or interfere with encryption-policy auditing via an e-mail message to a queue's address. Best Practical Solutions RT 3.8.x anterior a 3.8.15 y 4.0.x anterior a 4.0.8, cuando GnuPG está activado, no se asegura que las etiquetas UI descifradas se encuentren en este estado, lo que podría facilitar a atacantes remotos suplantar los detalles del origen del mensaje o interferir con la auditoría de política de cifrado a través de un mensaje hacia una cola de direcciones. • http://lists.bestpractical.com/pipermail/rt-announce/2012-October/000212.html • CWE-310: Cryptographic Issues •
CVE-2013-3525 – Request Tracker - 'ShowPending' SQL Injection
https://notcve.org/view.php?id=CVE-2013-3525
SQL injection vulnerability in Approvals/ in Request Tracker (RT) 4.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ShowPending parameter. NOTE: the vendor disputes this issue, stating "We were unable to replicate it, and the individual that reported it retracted their report," and "we had verified that the claimed exploit did not function according to the author's claims. ** DISPUTADA ** Vulnerabilidad de inyección SQL en Approvals/ en Request Tracker (RT) 4.0.10 y anteriores permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro ShowPending. NOTA: el proveedor disputa este problema, diciendo que 'No somo capaces de reproducirlo, y el individuo que lo anuncio han retractado su informe,' y 'habíamos verificado que la explotación afirmada no funcionaba según las afirmaciones del autor.' • https://www.exploit-db.com/exploits/38459 http://blog.bestpractical.com/2013/04/on-our-security-policies.html http://cxsecurity.com/issue/WLB-2013040083 http://osvdb.org/92265 http://packetstormsecurity.com/files/121245/RT-Request-Tracker-4.0.10-SQL-Injection.html http://www.securityfocus.com/bid/59022 https://exchange.xforce.ibmcloud.com/vulnerabilities/83375 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2012-2768
https://notcve.org/view.php?id=CVE-2012-2768
Multiple cross-site scripting (XSS) vulnerabilities in the topic administration page in the RTFM extension 2.0.4 through 2.4.3 for Best Practical Solutions RT allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de ejecución de comandos en sitios cruzados (XSS) en la página de administración de tema en la extensión RTFM v2.0.4 hasta la v2.4.3 para (Best Practical Solutions RT) permite a atacantes remotos inyectar código web o HTML arbitrario a través de vectores no especificados. • http://lists.bestpractical.com/pipermail/rt-announce/2012-July/000208.html http://secunia.com/advisories/50024 http://secunia.com/advisories/50440 http://www.securityfocus.com/bid/54689 https://exchange.xforce.ibmcloud.com/vulnerabilities/77212 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2006-2169
https://notcve.org/view.php?id=CVE-2006-2169
RT: Request Tracker 3.5.HEAD allows remote attackers to obtain sensitive information via the Rows parameter in Dist/Display.html, which reveals the installation path in an error message. • http://pridels0.blogspot.com/2006/04/rt-request-tracker-vuln.html https://exchange.xforce.ibmcloud.com/vulnerabilities/26164 •