CVE-2011-1008 (GCVE-0-2011-1008)
Vulnerability from cvelistv5
Published
2011-02-28 15:00
Modified
2024-08-06 22:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not properly restrict access to a TicketObj in a Scrip after a CurrentUser change, which allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by custom-field value information, related to SQL logging.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:26.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110224 Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/02/24/9"
},
{
"name": "rt-scripsoverlay-information-disclosure(65772)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65772"
},
{
"name": "[oss-security] 20110223 Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/02/23/22"
},
{
"name": "[oss-security] 20110224 Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/02/24/7"
},
{
"name": "71011",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/71011"
},
{
"name": "[oss-security] 20110222 Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/02/22/12"
},
{
"name": "[oss-security] 20110224 Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/02/24/8"
},
{
"name": "43438",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43438"
},
{
"name": "[oss-security] 20110222 Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/02/22/16"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bestpractical/rt/commit/2338cd19ed7a7f4c1e94f639ab2789d6586d01f3"
},
{
"name": "[rt-announce] 20110216 RT 3.8.9 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.bestpractical.com/pipermail/rt-announce/2011-February/000186.html"
},
{
"name": "[oss-security] 20110222 CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/02/22/6"
},
{
"name": "ADV-2011-0475",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0475"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614576"
},
{
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not properly restrict access to a TicketObj in a Scrip after a CurrentUser change, which allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by custom-field value information, related to SQL logging."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-25T16:06:21",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110224 Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/02/24/9"
},
{
"name": "rt-scripsoverlay-information-disclosure(65772)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65772"
},
{
"name": "[oss-security] 20110223 Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/02/23/22"
},
{
"name": "[oss-security] 20110224 Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/02/24/7"
},
{
"name": "71011",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/71011"
},
{
"name": "[oss-security] 20110222 Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/02/22/12"
},
{
"name": "[oss-security] 20110224 Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/02/24/8"
},
{
"name": "43438",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43438"
},
{
"name": "[oss-security] 20110222 Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/02/22/16"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bestpractical/rt/commit/2338cd19ed7a7f4c1e94f639ab2789d6586d01f3"
},
{
"name": "[rt-announce] 20110216 RT 3.8.9 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.bestpractical.com/pipermail/rt-announce/2011-February/000186.html"
},
{
"name": "[oss-security] 20110222 CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/02/22/6"
},
{
"name": "ADV-2011-0475",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0475"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614576"
},
{
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not properly restrict access to a TicketObj in a Scrip after a CurrentUser change, which allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by custom-field value information, related to SQL logging."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110224 Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/02/24/9"
},
{
"name": "rt-scripsoverlay-information-disclosure(65772)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65772"
},
{
"name": "[oss-security] 20110223 Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/02/23/22"
},
{
"name": "[oss-security] 20110224 Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/02/24/7"
},
{
"name": "71011",
"refsource": "OSVDB",
"url": "http://osvdb.org/71011"
},
{
"name": "[oss-security] 20110222 Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/02/22/12"
},
{
"name": "[oss-security] 20110224 Re: Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/02/24/8"
},
{
"name": "43438",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43438"
},
{
"name": "[oss-security] 20110222 Re: CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/02/22/16"
},
{
"name": "https://github.com/bestpractical/rt/commit/2338cd19ed7a7f4c1e94f639ab2789d6586d01f3",
"refsource": "CONFIRM",
"url": "https://github.com/bestpractical/rt/commit/2338cd19ed7a7f4c1e94f639ab2789d6586d01f3"
},
{
"name": "[rt-announce] 20110216 RT 3.8.9 Released",
"refsource": "MLIST",
"url": "http://lists.bestpractical.com/pipermail/rt-announce/2011-February/000186.html"
},
{
"name": "[oss-security] 20110222 CVE Request -- rt3 -- two issues: 1) Improper management of form data resubmittion upon user log out 2) SQL queries information leak by user account transition",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/02/22/6"
},
{
"name": "ADV-2011-0475",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0475"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614576",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614576"
},
{
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1008",
"datePublished": "2011-02-28T15:00:00",
"dateReserved": "2011-02-14T00:00:00",
"dateUpdated": "2024-08-06T22:14:26.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2011-1008\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2011-02-28T16:00:01.680\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not properly restrict access to a TicketObj in a Scrip after a CurrentUser change, which allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by custom-field value information, related to SQL logging.\"},{\"lang\":\"es\",\"value\":\"Scrips_Overlay.pm en Best Practical Solutions RT anterior a v3.8.9 no restringe el acceso adecuadamente a TicketObj en un Scrip despu\u00e9s de un cambio en CurrentUser, lo que permite a usuarios autenticados obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados, como se demostr\u00f3 por el valor de informaci\u00f3n custom-field, relacionado con el registro SQL.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:*:rc3:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.8.9\",\"matchCriteriaId\":\"A1369FE3-D1CC-4A6B-9D5B-796B1BAFE1AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"798C7256-C8A7-46EA-BE0C-685620CF78AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC812A18-628E-4EFA-95C7-010694423894\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05EFCBF0-4447-4457-92B9-587A28C2D8E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E9A6E50-5666-48BF-8FD7-2668D8AD7344\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:1.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"915FBC54-78F1-43AC-8394-AA25BC9F88F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F083E35-4189-45E9-A1A1-9062C88ED144\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:1.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6C9869E-5949-4C1E-AED7-3A8FB3C133F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:1.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC2090D7-2796-44E9-8330-CE874E9514E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B558A64D-2E06-416C-85F5-AAFFD18096D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3A24FF7-A1B0-4998-A0F8-6E5D70901299\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F01659AA-9146-4238-9FEE-70D345D31094\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EA74674-D04E-4458-ADF0-C733E9592B05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F4ACD97-35AD-4E23-83FC-E39016936EFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF589DDB-4348-4A55-9468-DBB5F03C82F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C59D941-22C2-41A7-B9BA-4CBDA3E71F5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB507C08-D3CC-4AC8-9BAC-EED9FD09E1D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A50288EA-2628-47D7-9F25-EE514B9083F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91868A78-C6C7-4C03-95B3-755816F8C663\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4B4383B-20C5-4620-8107-255AD3D45D2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09A128B7-AA70-49DD-A20E-B9BB7D23A4EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88EFA7E0-C472-4E93-8E38-98DFCCD37EEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E6381E7-1C01-4239-A02F-C6DB5D775F7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4120F4E4-E4EB-434C-9764-370102198554\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1CA0866-CC49-4956-9493-849069B4485B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"565B7E66-BD96-419A-8EC2-FE971BDC47A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:2.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAC1443B-50C8-4E98-9900-CACFEA5AD00D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F451959A-5305-4210-977B-6B396BC0A4F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA418CF5-49D6-4E0E-A1B5-8CB23752989D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E238F87-8D8C-4E62-A8F0-3DB9EFDB8328\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FD8A7EF-5DB8-40C6-9124-A97A23B3EA02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AD553B8-8495-47E5-A543-4DC963B3511A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28ADB191-4787-4FDB-B70A-F4C8BDF0F4B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2772389A-9BCD-4B13-88C8-75BC64E40AF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1F9D05F-C86D-40D8-A7D9-5448918B72DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.0.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"311485DA-5381-4EAD-AF58-B8C67373413A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EAF6671-8C77-448B-BF29-E2CF51176CC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B55D762D-A723-435C-8D80-F7230F1648D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CC63EDC-541E-445D-8B72-799E4184B7EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5E6196E-4A90-4F64-BA99-A8E04A09D5ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91D7CE86-3FCD-472E-BF01-31FFB36701BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70B3F0B2-8C70-4046-AAA0-FBD344FE4DBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCD0173D-F699-4864-8856-D1792BDA0F84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19CC2E53-5DE8-4A31-9B8A-79335DFBAFEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"404AFC5C-20B4-41E5-ACDE-56626D68AFEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F37D1380-965B-40E0-8A20-61FEA072B8D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E101B0FE-499F-44D8-8B68-BB7FEE40D2B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"747D8CD1-EE12-48A4-A795-88BC66A8DA33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FDE201D-F31A-4738-B9AB-7BB11417990E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D6ED4EC-F860-47BD-B699-551FB5DBF039\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3398823-1813-4D7B-9EC9-74222A240051\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F98B7895-BDB3-477C-8B34-88BD3E02EAFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1512169D-DCEF-4964-B05A-3DF19CDE8F57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B427F5D4-ACD6-46E5-B94F-CA30330C6492\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9B38C33-D680-4285-A849-E6CDA9F4802F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"646CFD82-15FE-48E4-83C9-E3E037E9F928\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57404A14-6E1C-4F3B-8120-75F1073A3E18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F40ED56-CDAC-40BB-A026-5D6A09DCB72C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C325D9-CB88-430F-B1AE-3544C7176398\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1E86D15-8435-46B9-88FF-8A51771C55E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"543C8E63-9A49-4D6A-899A-7D244D0CCC17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00AFB893-E37A-4E81-A984-66D677161D80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C503726A-4AAB-4444-A204-7F53A6369919\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2B93F59-E22F-47E0-A5EA-D5716E9EAB48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BF01543-2929-4ADA-BD74-ABE00BF066BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"562E9782-259B-42C6-BC3E-C452799A78FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4D2E2C8-15E8-45E4-9DBF-6CF2BEB30576\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E4D117A-92C0-4884-A3E6-F6FCC8B89458\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AED14B5B-A9DE-46A4-8996-F6DC75B5DCD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.8.6:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D237F862-E8D5-4D82-9CDC-A8A84D2DE665\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.8.7:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B306ECCE-8095-48E7-A523-05F6B2AF686E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.8.8:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6FBA787-90EE-4148-804C-F4F6021D5177\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.8.8:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9035493E-C9BA-4DDE-914A-E14CB072E745\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.8.8:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"19E636D2-525B-4B27-A9E1-16BC0088C8AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.8.9:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9040C7B-9080-4B57-885D-9275B9623E46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bestpractical:rt:3.8.9:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B927C5E-EAC2-4032-905A-BBCE66693958\"}]}]}],\"references\":[{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614576\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://lists.bestpractical.com/pipermail/rt-announce/2011-February/000186.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/22/12\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/22/16\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/22/6\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/23/22\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/24/7\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/24/8\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/24/9\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://osvdb.org/71011\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/43438\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0475\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/65772\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://github.com/bestpractical/rt/commit/2338cd19ed7a7f4c1e94f639ab2789d6586d01f3\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614576\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://lists.bestpractical.com/pipermail/rt-announce/2011-February/000186.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/22/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/22/16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/22/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/23/22\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/24/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/24/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/24/9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/71011\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/43438\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0475\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/65772\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/bestpractical/rt/commit/2338cd19ed7a7f4c1e94f639ab2789d6586d01f3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…