Multiple weaknesses and a vulnerability have been reported in Bugzilla, which can be exploited by malicious users to bypass certain security restrictions and cause a DoS (Denial of Service), and by malicious people to disclose potentially sensitive information.
1) A weakness in the boolean charts search interface can be exploited to disclose other users' group membership.
2) A weakness in the "Reports" and "Duplicates" pages can be exploited to disclose confidential product names.
3) An error when processing bug comments can be exploited to prevent viewing bug entries via an overly large integer value in a comment field.
Successful exploitation requires valid credentials and that the application is configured to use the PostgreSQL database.
4) A weakness within the "sudo" feature can be exploited to bypass the notification to the target user via a specially crafted cookie.
Successful exploitation requires "sudo" permissions.
The weaknesses and the vulnerability are reported in versions prior to 3.2.8, prior to 3.4.8, prior to 3.6.2, and prior to 3.7.3.
Solution: Update to version 3.2.8, 3.4.8, 3.6.2, or 3.7.3, or apply the patches (please see the vendor advisory for details).
Provided and/or discovered by: 1, 2) The vendor credits Frederic Buclin.
3) The vendor credits Slava Buhtiarov.
4) The vendor credits Bradley Baetz.
Original Advisory: http://www.bugzilla.org/security/3.2.7/
Subject: Bugzilla Multiple Weaknesses and Vulnerability