CVE-2008-1515 Information

Description

The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 allows remote attackers to \read and modify objects\ via SOAP requests related to \Missing security checks.\

Reference

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html http://otrs.org/advisory/OSA-2008-01-en/ http://secunia.com/advisories/29585 http://secunia.com/advisories/29622 http://secunia.com/advisories/29859 http://www.securityfocus.com/bid/28647 https://exchange.xforce.ibmcloud.com/vulnerabilities/41577 https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00284.html