FreeBSD : OTRS -- Multiple XSS and denial of service vulnerabilities (96e776c7-e75c-11df-8f26-00151735203a)

This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.


Synopsis:

The remote FreeBSD host is missing a security-related update.

Description:

OTRS Security Advisory reports:

- Multiple Cross-Site Scripting issues: Missing HTML quoting allows
authenticated agents or customers to inject HTML tags. This
vulnerability allows an attacker to inject script code into the OTRS
web interface, which will be loaded and executed in the browsers of
system users.

- Possible Denial of Service attack: Perl's regular expressions
consume 100% CPU time on the server if an agent or customer views an
affected article. To exploit this vulnerability, the malicious user
needs to send extremely large HTML emails to your system address.

AgentTicketZoom is vulnerable to XSS attacks from HTML e-mails:

Whenever a customer sends an HTML e-mail and RichText is enabled in
OTRS, JavaScript contained in the email can do everything in the OTRS
agent interface that the agent himself could do.

Most relevant is that this type of exploit can be used in such a way
that the agent won't even detect that he is being exploited.

See also:

http://otrs.org/advisory/OSA-2010-02-en/
http://otrs.org/advisory/OSA-2010-03-en/
http://www.nessus.org/u?3fe168aa

Solution:

Update the affected package.

Risk factor:

Low / CVSS Base Score: 3.5
(CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 50470

Bugtraq ID:

CVE ID: CVE-2010-2080, CVE-2010-4071
