Launchpad.net

CVE 2011-4459

Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not properly disable groups, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging a group membership.

Related bugs and status

CVE-2011-4459 (Candidate) is related to these bugs:

Bug #1004834: Multiple security vulnerabilities in request-tracker3.8

		In	Importance	Status
1004834	Multiple security vulnerabilities in request-tracker3.8	request-tracker3.8 (Ubuntu)	Undecided	Invalid
1004834	Multiple security vulnerabilities in request-tracker3.8	request-tracker3.8 (Ubuntu Lucid)	Undecided	Fix Released
1004834	Multiple security vulnerabilities in request-tracker3.8	request-tracker3.8 (Ubuntu Natty)	Undecided	Invalid
1004834	Multiple security vulnerabilities in request-tracker3.8	request-tracker3.8 (Ubuntu Oneiric)	Undecided	Fix Released
1004834	Multiple security vulnerabilities in request-tracker3.8	request-tracker3.8 (Ubuntu Precise)	Undecided	Fix Released
1004834	Multiple security vulnerabilities in request-tracker3.8	request-tracker3.8 (Ubuntu Quantal)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2011-4459

Related bugs and status

Related bugs

References