Security update for otrs SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:3005-1 Final 1 1 2018-10-04T12:16:14Z current 2018-10-04T12:16:14Z 2018-10-04T12:16:14Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for otrs This update for otrs to version 4.0.32 fixes the following issues: These security issues were fixed: - CVE-2018-16586: An attacker could have sent a malicious email to an OTRS system. If a logged in user opens it, the email could have caused the browser to load external image or CSS resources (bsc#1109822). - CVE-2018-16587: An attacker could have sent a malicious email to an OTRS system. If a user with admin permissions opens it, it caused deletions of arbitrary files that the OTRS web server user has write access to (bsc#1109823). - CVE-2018-14593: An attacker who is logged into OTRS as an agent may have escalated their privileges by accessing a specially crafted URL (bsc#1103800). These non-security issues were fixed: - fixed permissions file @OTRS_ROOT@/var/tmp -> @OTRS_ROOT@/var/tmp/ - ACL for Action AgentTicketBulk were inconsistent. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00005.html E-Mail link for openSUSE-SU-2018:3005-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Package Hub for SUSE Linux Enterprise 15 otrs-4.0.32-bp150.3.3.1 otrs-doc-4.0.32-bp150.3.3.1 otrs-itsm-4.0.32-bp150.3.3.1 otrs-4.0.32-bp150.3.3.1 as a component of SUSE Package Hub for SUSE Linux Enterprise 15 otrs-doc-4.0.32-bp150.3.3.1 as a component of SUSE Package Hub for SUSE Linux Enterprise 15 otrs-itsm-4.0.32-bp150.3.3.1 as a component of SUSE Package Hub for SUSE Linux Enterprise 15 An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL. CVE-2018-14593 SUSE Package Hub for SUSE Linux Enterprise 15:otrs-4.0.32-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:otrs-doc-4.0.32-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:otrs-itsm-4.0.32-bp150.3.3.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00005.html https://www.suse.com/security/cve/CVE-2018-14593.html CVE-2018-14593 https://bugzilla.suse.com/1103800 SUSE Bug 1103800 In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a logged in user opens it, the email could cause the browser to load external image or CSS resources. CVE-2018-16586 SUSE Package Hub for SUSE Linux Enterprise 15:otrs-4.0.32-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:otrs-doc-4.0.32-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:otrs-itsm-4.0.32-bp150.3.3.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00005.html https://www.suse.com/security/cve/CVE-2018-16586.html CVE-2018-16586 https://bugzilla.suse.com/1109822 SUSE Bug 1109822 In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server user has write access to. CVE-2018-16587 SUSE Package Hub for SUSE Linux Enterprise 15:otrs-4.0.32-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:otrs-doc-4.0.32-bp150.3.3.1 SUSE Package Hub for SUSE Linux Enterprise 15:otrs-itsm-4.0.32-bp150.3.3.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00005.html https://www.suse.com/security/cve/CVE-2018-16587.html CVE-2018-16587 https://bugzilla.suse.com/1109823 SUSE Bug 1109823