Lucene search
MitreCVELIST:CVE-2012-0465HistoryApr 27, 2012 - 8:00 p.m.
CVE-2012-0465
2012-04-2720:00:00
mitre
www.cve.org
Bugzilla 3.5.x and 3.6.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2.1, when the inbound_proxies option is enabled, does not properly validate the X-Forwarded-For HTTP header, which allows remote attackers to bypass the lockout policy via a series of authentication requests with (1) different IP address strings in this header or (2) a long string in this header.
References
archives.neohapsis.com/archives/bugtraq/2012-04/0135.html
lists.fedoraproject.org/pipermail/package-announce/2012-May/079432.html
lists.fedoraproject.org/pipermail/package-announce/2012-May/079481.html
lists.fedoraproject.org/pipermail/package-announce/2012-May/079604.html
bugzilla.mozilla.org/show_bug.cgi?id=728639
Related
cve
cve
CVE-2012-0465
2012-04-27 20:55:01
nvd
nvd
CVE-2012-0465
2012-04-27 20:55:01
prion
prion
Design/Logic Flaw
2012-04-27 20:55:00
ubuntucve
ubuntucve
CVE-2012-0465
2012-04-27 00:00:00
openvas
openvas
Fedora Update for bugzilla FEDORA-2012-6396
2012-05-04 00:00:00
Fedora Update for bugzilla FEDORA-2012-6282
2012-08-30 00:00:00
FreeBSD Ports: bugzilla
2012-04-30 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: bugzilla-4.0.6-1.fc17
2012-05-02 04:54:29
[SECURITY] Fedora 15 Update: bugzilla-3.6.9-1.fc15
2012-05-01 00:56:53
[SECURITY] Fedora 16 Update: bugzilla-4.0.6-1.fc16
2012-05-01 00:48:20
nessus
nessus
Fedora 16 : bugzilla-4.0.6-1.fc16 (2012-6368)
2012-05-01 00:00:00
Fedora 17 : bugzilla-4.0.6-1.fc17 (2012-6282)
2012-05-02 00:00:00
Fedora 15 : bugzilla-3.6.9-1.fc15 (2012-6396)
2012-05-01 00:00:00
securityvulns
securityvulns
Security advisory for Bugzilla 4.2.1, 4.0.6 and 3.6.9
2012-04-23 00:00:00
freebsd
freebsd
bugzilla -- multiple vulnerabilities
2012-04-18 00:00:00