Help Desk Software & Beyond
June 24, 2017, 06:40:51 PM *
Welcome, Guest. Please login or register.
To post messages you need to register. We apologize for inconvenience, but this is to prevent spam.
Registration is instant (no email verification) and we do not ask for any personal information.

Login with username, password and session length
News: Welcome to Help Desk Software forum!
 
   Home   Help Search Login Register  
Pages: [1]
  Print  
Author Topic: Question about TTX Vulnerability Report  (Read 10579 times)
pshtc
Newbie
*

Karma: 0
Posts: 3


View Profile
« on: March 17, 2010, 10:03:47 AM »

I'm wanting to confirm that this vulnerability does not affect version 2.24. Thanks for your response.
Logged
Alex
Administrator
Hero Member
*****

Karma: 22
Posts: 605



View Profile WWW
« Reply #1 on: March 17, 2010, 10:12:20 AM »

The TTXFile.pm is vulnerable for ALL versions. Make sure the one you have shows revision 759 or greater.

The TTXImage.pm is vulnerable for 3.x versions (2.x simply does not have the file). Make sure the one you have shows revision 765 or greater.

Both files may be deleted safely (help desk operations will not be interrupted, just no file upload controls on contact form).

Please delete first, then look for update.

How to check revision: open the file (it's plain text), look for line that reads

Code:
# $Revision: nnn $

The nnn is the revision number. The revision number is not the version number. It is the number, that source code repository automatically assigns to a file on each commit (logged change).

Further info (including download links) is here

http://www.troubleticketexpress.com/alert.html
Logged

Follow me on: LinkedIn
pshtc
Newbie
*

Karma: 0
Posts: 3


View Profile
« Reply #2 on: March 17, 2010, 12:29:07 PM »

I'll need some clarification on the TTXFile.pm file. Our version contains the TTXFileTickets.pm file, but not the TTXFile.pm file. Is this the same? If this needs changed, the locations that I'm finding to update it doesn't have the latest revision. Thanks for the help.
Logged
Alex
Administrator
Hero Member
*****

Karma: 22
Posts: 605



View Profile WWW
« Reply #3 on: March 17, 2010, 12:46:16 PM »

TTXFileTickets.pm is not TTXFile.pm.

If you have neither TTXFile.pm nor TTXImage.pm installed, no action required.

Logged

Follow me on: LinkedIn
pshtc
Newbie
*

Karma: 0
Posts: 3


View Profile
« Reply #4 on: March 17, 2010, 03:08:06 PM »

Thanks for your help!
Logged
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1 RC3 | SMF © 2001-2006, Lewis Media Valid XHTML 1.0! Valid CSS!
Page created in 0.021 seconds with 18 queries.