Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Denial of Service --> Category: infos

osTicket Support Address DoS Vulnerability Scan

Vulnerability Scan Summary
Checks for Support Address DoS osTicket

Detailed Explanation for this Vulnerability Test

The target is running at least one instance of osTicket 1.2.7 or
earlier. Such versions are subject to a denial of service attack in
open.php if osTicket is configured to receive mails using aliases. If
so, a remote attacker can generate a mail loop on the target by opening
a ticket with the support address as the contact email address. For
details, see :


***** Nessus has acertaind the vulnerability exists on the target
***** simply by looking at the version number(s) of osTicket installed
***** there. It has no way of knowing which method osTicket uses to
***** retrieve mail.

Solution : Configure osTicket to receive mail using POP3.

Threat Level: None / High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.