Executive Summary

Summary
Title tryton-server security update
Informations
Name DSA-4426 First vendor Publication 2019-04-07
Vendor Debian Last vendor Modification 2019-04-07
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:P/I:N/A:N)
Cvss Base Score 4 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Cedric Krier discovered that missing access validation in Tryton could result in information disclosure .

For the stable distribution (stretch), this problem has been fixed in version 4.2.1-2+deb9u1.

We recommend that you upgrade your tryton-server packages.

For the detailed security status of tryton-server please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tryton-server

Original Source

Url : http://www.debian.org/security/2019/dsa-4426

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 30
Os 1

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2019-04-08 21:21:59
  • Multiple Updates
2019-04-07 17:18:11
  • First insertion