In association with heise online

19 August 2011, 12:04

OTRS plugs security hole, launches OtterHub

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit


OTRS Inc has released versions 2.4.11 and 3.0.10 of OTRS (Open source Ticket Request System) – maintenance and security updates to the company's open source help desk system. The latest versions of the help desk solution address a moderate severity security vulnerability in the OTRS-Core that could allow an attacker gain read access to any file on the host system's filesystem, although the attacker would need administrator permissions to the OTRS application.

The information disclosure vulnerability is caused by an error in the Kernel/Modules/ script. Versions up to and including 2.4.10 and 3.0.9 are affected. Further details about the security updates, including download information, can be found in the 2.4.11 and 3.0.10 release notes. OTRS source code is licensed under the GNU Affero General Public License (AGPL).

OtterHub Logo

Founded in February of this year, the OTRS Community Board has also announced the launch OtterHub, its new official site which features the Otter as its mascot. OtterHub has an events calendar, projects page, blog and links to other OTRS resources. OtterHub is available in English and German.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit