CVE-2011-2084

Priority
Description
Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 allows
remote authenticated users to read (1) hashes of former passwords and (2)
ticket correspondence history by leveraging access to a privileged account.
Notes
jdstrandregressions found in DSA-2480 (see bugs)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.8.11-1ubuntu0.1])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
Debdiff:https://bugs.launchpad.net/bugs/1004835
Package
Upstream:released (4.0.5-3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [4.0.5-3])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.0.5-3)
Patches:
Vendor:http://www.debian.org/security/2012/dsa-2480
Package
Source: rt (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2020-09-10 01:43:40 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)