Bugzilla Two Information Disclosure Vulnerabilities

Secunia Advisory: SA16021
Release Date: 2005-07-11
Last Update: 2005-07-12
Critical: Less critical
Impact: Exposure of sensitive information
Where: From remote
Solution Status: Vendor Patch
Software: Bugzilla 2.x
CVE reference: CVE-2005-2173, CVE-2005-2174
Description: Two vulnerabilities have been reported in Bugzilla. They can be exploited by malicious users to bypass certain security restrictions and gain knowledge of sensitive information.
1) process_bug.cgi does not verify that the requesting user may access the bug whose flag is being changed. A malicious user can therefore change a flag on a bug report they are not permitted to view, and the flag-change notification email then discloses the bug summary to them.
The vulnerability affects versions 2.17.1 through 2.18.1, and development snapshots 2.19.1 through 2.19.3.
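The following is an added illustration of the missing-check pattern behind issue 1, not Bugzilla's own code: a flag-change handler that looks the bug up by a caller-supplied id and mails the requester without first asking whether the requester may see that bug, next to a hardened handler that authorizes before touching the bug. The data model (Bug, User, group-based visibility), the sample bugs and the mail format are constructed assumptions for the example.

```python
from dataclasses import dataclass, field

# Constructed sample model for illustration only; this is not Bugzilla's schema.
@dataclass
class Bug:
    bug_id: int
    summary: str
    groups: frozenset          # groups that restrict visibility; empty means public
    flags: dict = field(default_factory=dict)

@dataclass(frozen=True)
class User:
    login: str
    groups: frozenset

def make_bugs():
    """Fresh sample database: one public bug and one restricted to the 'security' group."""
    return {
        1: Bug(1, "Typo in README", frozenset()),
        2: Bug(2, "Secret: auth bypass in login.cgi", frozenset({"security"})),
    }

def can_see_bug(user, bug):
    """Group-based visibility: a restricted bug is visible only to members of one of its groups."""
    return not bug.groups or bool(user.groups & bug.groups)

def notify(recipient, bug, flag, value):
    """Flag-change mail. As in the advisory, the notification carries the bug summary."""
    return (f"To: {recipient}\n"
            f"Subject: [Bug {bug.bug_id}] {bug.summary}\n"
            f"\nFlag '{flag}' was set to '{value}'.\n")

def set_flag_unchecked(user, bugs, bug_id, flag, value):
    """Vulnerable pattern: the bug is fetched by the caller-supplied id and the flag is changed
    without checking whether the caller may access that bug. The resulting mail is sent to the
    caller and discloses the summary of a bug they are not allowed to see."""
    bug = bugs[bug_id]
    bug.flags[flag] = value
    return notify(user.login, bug, flag, value)

def set_flag(user, bugs, bug_id, flag, value):
    """Hardened pattern: authorize against the bug before modifying it. A missing bug and a
    restricted bug yield the same error, so the error path itself reveals nothing."""
    bug = bugs.get(bug_id)
    if bug is None or not can_see_bug(user, bug):
        raise PermissionError(f"Bug {bug_id} does not exist or you are not authorized to access it.")
    bug.flags[flag] = value
    return notify(user.login, bug, flag, value)

# Constructed users: an outsider with no group memberships and a member of 'security'.
OUTSIDER = User("mallory@example.com", frozenset())
INSIDER = User("alice@example.com", frozenset({"security"}))

if __name__ == "__main__":
    bugs = make_bugs()
    print(set_flag_unchecked(OUTSIDER, bugs, 2, "review", "?"))   # mail leaks the restricted summary
    try:
        set_flag(OUTSIDER, bugs, 2, "review", "?")
    except PermissionError as e:
        print("hardened:", e)
```

The check has to run against the bug the flag belongs to, resolved from the request, before any state is changed or any mail is queued; checking only that the flag type exists, or that the user may edit the bug they think they are on, is not enough when the bug id itself is attacker-controlled.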
2) When a bug report is marked private, there is a window in which the change has been written to the master database but has not yet reached a lagging MySQL replica. A user who reads the bug through the replica during that window can still view the report.
The vulnerability affects versions 2.17.1 and above.
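An added model of the race in issue 2, not Bugzilla's code: an in-memory master database with a read replica that only applies master writes when replication "catches up". The vulnerable read makes its access decision from the replica, so it still treats a freshly restricted bug as public; the hardened read takes the authorization-relevant columns from the master. That mitigation is an assumed design for illustration, not a description of the actual Bugzilla 2.18.2 fix, and the row layout and sample bug are constructed.

```python
import copy

# Constructed in-memory model of a master database and a lagging read replica.
# Not Bugzilla code; the schema is an assumption for this example.

class Master:
    """Authoritative database. Every write is appended to a binlog for the replica to apply."""
    def __init__(self, rows):
        self.rows = rows
        self.binlog = []

    def update(self, bug_id, **cols):
        self.rows[bug_id].update(cols)
        self.binlog.append((bug_id, dict(cols)))

    def read(self, bug_id):
        return dict(self.rows[bug_id])


class Replica:
    """Read replica. Master writes become visible here only when replicate() is called,
    which stands in for replication catching up after a lag."""
    def __init__(self, master):
        self.master = master
        self.rows = copy.deepcopy(master.rows)
        self.applied = 0

    def replicate(self):
        for bug_id, cols in self.master.binlog[self.applied:]:
            self.rows[bug_id].update(cols)
        self.applied = len(self.master.binlog)

    def read(self, bug_id):
        return dict(self.rows[bug_id])


def can_see(user_groups, row):
    """A bug with no restricting groups is public; otherwise the user needs one of them."""
    return not row["groups"] or bool(set(user_groups) & set(row["groups"]))


def show_bug_vulnerable(user_groups, replica, bug_id):
    """Vulnerable pattern: the access decision and the data both come from the replica.
    Between the master write that restricts the bug and the replica catching up,
    the replica still reports the bug as public."""
    row = replica.read(bug_id)
    if not can_see(user_groups, row):
        raise PermissionError(f"not authorized for bug {bug_id}")
    return row["summary"]


def show_bug_hardened(user_groups, master, replica, bug_id):
    """Assumed mitigation: read the authorization-relevant columns from the master so the
    decision never lags, then serve the rest of the row from the replica."""
    if not can_see(user_groups, master.read(bug_id)):
        raise PermissionError(f"not authorized for bug {bug_id}")
    return replica.read(bug_id)["summary"]


def build_scenario():
    """Bug 7 starts public, then is restricted to 'security' on the master only;
    the replica has not yet applied that write when this returns."""
    master = Master({7: {"summary": "Secret: exploitable overflow in attach.cgi", "groups": []}})
    replica = Replica(master)
    master.update(7, groups=["security"])
    return master, replica


if __name__ == "__main__":
    master, replica = build_scenario()
    print("replica view, outsider:", show_bug_vulnerable([], replica, 7))   # leaks during the lag
    try:
        show_bug_hardened([], master, replica, 7)
    except PermissionError as e:
        print("hardened:", e)
    replica.replicate()                     # lag over; the replica now agrees with the master
    try:
        show_bug_vulnerable([], replica, 7)
    except PermissionError as e:
        print("after replication:", e)
```

The general point is that anything a read-scaling replica serves is eventually consistent, so data that gates access (group membership, private bits, ownership) must be read from the authoritative source, or the write path must wait until the replica has applied the restriction before the change is considered complete.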
Solution: Update to version 2.18.2.
http://www.bugzilla.org/download
Provided and/or discovered by:
1) Frédéric Buclin
2) Matthias Versen
The vendor also credits Joel Peshkin and Myk Melez.
Changelog: 2005-07-12: Added CVE references.
Original Advisory: http://www.bugzilla.org/security/2.18.1/
https://bugzilla.mozilla.org/show_bug.cgi?id=293159
https://bugzilla.mozilla.org/show_bug.cgi?id=292544
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.