=====================================================================
                                    CERT-Renater

                         Information Note No. 2008/VULN135
_____________________________________________________________________

DATE                      : 11/04/2008

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running OTRS.

======================================================================
  http://otrs.org/advisory/OSA-2008-01-en/
______________________________________________________________________

-------------------------------------------------------------------------
  OTRS Security Advisory 2008-01                      <security@otrs.org>
-------------------------------------------------------------------------
  ID:           OSA-2008-01
  Date:         2008-03-31
  Title:        Vulnerability in OTRS SOAP interface allows remote access
                without valid SOAP user
  Severity:     Critical
  Product:      OTRS 2.1.x, OTRS 2.2.x,
  Fixed in:     OTRS 2.1.8, OTRS 2.2.6
  Not affected: OTRS 1.x, OTRS 2.0.x
  URL:          http://otrs.org/advisory/OSA-2008-01-en/
  CVE:          CVE-2008-1515
------------------------------------------------------------------------

This Advisory covers one vulnerability in the OTRS SOAP interface.


SOAP authentication allows remote access without a valid SOAP user

   Missing security checks allow remote SOAP connections to gain access
   to OTRS without a valid SOAP user.

   This vulnerability allows a remote attacker to read and modify
   objects via the OTRS SOAP interface.

Affected by this vulnerability are all releases of OTRS 2.1.0 up
to and including 2.2.5.

This vulnerability is fixed in OTRS 2.1.8 and OTRS 2.2.6.

Fixed OTRS releases can be found at:

  o ftp://ftp.otrs.org/

As a workaround you can remove the file bin/cgi-bin/rpc.pl or
update bin/cgi-bin/rpc.pl from cvs to version 1.6
(http://cvs.otrs.org/viewvc.cgi/otrs/bin/cgi-bin/rpc.pl).
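The two facts an administrator needs from this advisory are the affected version range and whether the workaround on bin/cgi-bin/rpc.pl has been applied. The following script is an added example for auditing an installation against OSA-2008-01; it is not OTRS project code. It reads the "2.1.0 up to and including 2.2.5" range per branch, so that the fixed 2.1.8 release is not reported as affected, and it treats rpc.pl as patched only when the file is gone or carries a CVS revision of 1.6 or later. The assumption that rpc.pl contains a CVS `$Revision:` or `$Id:` keyword line is mine, not something the advisory states, and the sample file headers below are constructed for the demonstration.

```python
"""Audit an OTRS install against OSA-2008-01 (CVE-2008-1515).

Added example, not OTRS project code. Two checks taken from the advisory:
  1. version range: 2.1.0 <= v < 2.1.8  or  2.2.0 <= v < 2.2.6
  2. workaround on bin/cgi-bin/rpc.pl: file removed, or updated to
     CVS revision 1.6 or later.
Assumption (not in the advisory): rpc.pl carries a CVS keyword line such as
'$Revision: 1.6 $' or '$Id: rpc.pl,v 1.6 ... $' from which the revision can be read.
"""
import os
import re
from typing import Optional, Tuple

# Branch -> first fixed release, from the advisory's "Fixed in" line.
FIXED_IN = {
    (2, 1): (2, 1, 8),
    (2, 2): (2, 2, 6),
}

# Revision required by the workaround ("update ... from cvs to version 1.6").
WORKAROUND_REVISION = (1, 6)


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '2.2.5' into (2, 2, 5); reject anything that is not dotted-decimal."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted-decimal version: {text!r}")
    return tuple(int(p) for p in parts)


def is_affected(version: str) -> bool:
    """True if this OTRS release lies in the vulnerable range.

    'All releases of OTRS 2.1.0 up to and including 2.2.5' is read per
    branch: 2.1.8 is a fixed release and must not be flagged even though it
    sorts below 2.2.5, and 1.x / 2.0.x are outside the range entirely.
    """
    v = parse_version(version)
    branch = v[:2]
    if branch not in FIXED_IN:
        return False
    return v < FIXED_IN[branch]


# Matches '$Revision: 1.6 $' as well as '$Id: rpc.pl,v 1.6 2008/... $'.
_REVISION_RE = re.compile(r"\$(?:Revision:|Id:\s*\S+,v)\s*(\d+(?:\.\d+)+)")


def rpc_pl_revision(source: str) -> Optional[Tuple[int, ...]]:
    """Extract the CVS revision from rpc.pl source text, or None if absent."""
    m = _REVISION_RE.search(source)
    return parse_version(m.group(1)) if m else None


def workaround_applied(rpc_pl_source: Optional[str]) -> bool:
    """Evaluate the advisory's workaround.

    rpc_pl_source is None when bin/cgi-bin/rpc.pl does not exist (the
    endpoint was removed), otherwise the file's contents. A file whose
    revision cannot be determined is treated as NOT fixed.
    """
    if rpc_pl_source is None:
        return True
    rev = rpc_pl_revision(rpc_pl_source)
    return rev is not None and rev >= WORKAROUND_REVISION


def check_install(otrs_root: str, version: str) -> dict:
    """Combine both checks for an installation directory on disk."""
    path = os.path.join(otrs_root, "bin", "cgi-bin", "rpc.pl")
    source = None
    if os.path.exists(path):
        with open(path, encoding="utf-8", errors="replace") as fh:
            source = fh.read()
    affected = is_affected(version)
    fixed = workaround_applied(source)
    return {
        "version_affected": affected,
        "rpc_pl_present": source is not None,
        "workaround_applied": fixed,
        "exposed": affected and not fixed,
    }


# Constructed sample headers (not real OTRS source) used for the demonstration.
SAMPLE_OLD_RPC_PL = (
    "#!/usr/bin/perl -w\n"
    "# $Id: rpc.pl,v 1.5 2007/01/01 00:00:00 nobody Exp $\n"
)
SAMPLE_NEW_RPC_PL = (
    "#!/usr/bin/perl -w\n"
    "$VERSION = qw($Revision: 1.6 $) [1];\n"
)

if __name__ == "__main__":
    for ver in ("2.0.4", "2.1.7", "2.1.8", "2.2.5", "2.2.6"):
        print(f"OTRS {ver}: affected={is_affected(ver)}")
    for label, src in (("old", SAMPLE_OLD_RPC_PL), ("new", SAMPLE_NEW_RPC_PL), ("removed", None)):
        print(f"rpc.pl {label}: workaround_applied={workaround_applied(src)}")
```

Run `check_install("/opt/otrs", "2.2.5")` against a real installation root to get a single dictionary whose `exposed` key is True only when the version is in range and neither part of the workaround is in place.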

Please send information regarding vulnerabilities in OTRS to
<security@otrs.org>.

Copyright (c) OTRS AG, <http://otrs.org/>


======================================================================

           =========================================================
           CERT-Renater reference servers
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================
