Mandriva Linux Security Advisory : otrs (MDVSA-2013:188)
Medium Nessus Plugin ID 67133
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionUpdated otrs package fixes security vulnerabilities :
An attacker with a valid agent login could manipulate URLs in the ticket watch mechanism to see contents of tickets they are not permitted to see (CVE-2013-3551, CVE-2013-4088).
SolutionUpdate the affected otrs package.