Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2009-5057

Published: 18 March 2011

The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 does not configure the RANDFILE and HOME environment variables for OpenSSL, which might make it easier for remote attackers to decrypt e-mail messages that had lower than intended entropy available for cryptographic operations, related to inability to write to the seeding file.

Priority

Low

Status

Package Release Status
otrs2
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Ignored
(end of life)
karmic Not vulnerable

lucid Not vulnerable

maverick Not vulnerable

natty Not vulnerable

oneiric Not vulnerable

upstream
Released (2.3.4)