Candidate: CVE-2011-5093
PublicDate: 2012-06-04 19:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5093
 http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000204.html
 http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000203.html
 http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000202.html
Description:
 Best Practical Solutions RT 4.x before 4.0.6 does not properly implement
 the DisallowExecuteCode option, which allows remote authenticated users to
 bypass intended access restrictions and execute arbitrary code by
 leveraging access to a privileged account, a different vulnerability than
 CVE-2011-4458 and CVE-2011-5092.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_request-tracker3.6:
upstream_request-tracker3.6: needs-triage
hardy_request-tracker3.6: ignored (reached end-of-life)
lucid_request-tracker3.6: DNE
natty_request-tracker3.6: DNE
oneiric_request-tracker3.6: DNE
precise_request-tracker3.6: DNE
precise/esm_request-tracker3.6: DNE
quantal_request-tracker3.6: DNE
raring_request-tracker3.6: DNE
saucy_request-tracker3.6: DNE
trusty_request-tracker3.6: DNE
trusty/esm_request-tracker3.6: DNE
utopic_request-tracker3.6: DNE
vivid_request-tracker3.6: DNE
vivid/stable-phone-overlay_request-tracker3.6: DNE
vivid/ubuntu-core_request-tracker3.6: DNE
wily_request-tracker3.6: DNE
xenial_request-tracker3.6: DNE
yakkety_request-tracker3.6: DNE
zesty_request-tracker3.6: DNE
devel_request-tracker3.6: DNE

Patches_request-tracker3.8:
upstream_request-tracker3.8: not-affected
hardy_request-tracker3.8: DNE
lucid_request-tracker3.8: not-affected
natty_request-tracker3.8: not-affected
oneiric_request-tracker3.8: not-affected
precise_request-tracker3.8: not-affected
precise/esm_request-tracker3.8: DNE (precise was not-affected)
quantal_request-tracker3.8: DNE
raring_request-tracker3.8: DNE
saucy_request-tracker3.8: DNE
trusty_request-tracker3.8: DNE
trusty/esm_request-tracker3.8: DNE
utopic_request-tracker3.8: DNE
vivid_request-tracker3.8: DNE
vivid/stable-phone-overlay_request-tracker3.8: DNE
vivid/ubuntu-core_request-tracker3.8: DNE
wily_request-tracker3.8: DNE
xenial_request-tracker3.8: DNE
yakkety_request-tracker3.8: DNE
zesty_request-tracker3.8: DNE
devel_request-tracker3.8: DNE

Patches_request-tracker4:
upstream_request-tracker4: released (4.0.6)
hardy_request-tracker4: DNE
lucid_request-tracker4: DNE
natty_request-tracker4: DNE
oneiric_request-tracker4: ignored (reached end-of-life)
precise_request-tracker4: ignored (reached end-of-life)
precise/esm_request-tracker4: DNE (precise was needed)
quantal_request-tracker4: not-affected (4.0.6-2)
raring_request-tracker4: not-affected (4.0.6-2)
saucy_request-tracker4: not-affected (4.0.6-2)
trusty_request-tracker4: not-affected (4.0.6-2)
trusty/esm_request-tracker4: DNE (trusty was not-affected [4.0.6-2])
utopic_request-tracker4: not-affected (4.0.6-2)
vivid_request-tracker4: not-affected (4.0.6-2)
vivid/stable-phone-overlay_request-tracker4: DNE
vivid/ubuntu-core_request-tracker4: DNE
wily_request-tracker4: not-affected (4.0.6-2)
xenial_request-tracker4: not-affected (4.0.6-2)
yakkety_request-tracker4: not-affected (4.0.6-2)
zesty_request-tracker4: not-affected (4.0.6-2)
devel_request-tracker4: not-affected (4.0.6-2)