Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 Tenable Network Security, Inc.MANDRIVA_MDVSA-2014-200.NASL
HistoryOct 22, 2014 - 12:00 a.m.

Mandriva Linux Security Advisory : bugzilla (MDVSA-2014:200)

2014-10-2200:00:00
This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.
www.tenable.com
15
JSON

Updated bugzilla packages fix security vulnerabilities :

If a new comment was marked private to the insider group, and a flag was set in the same transaction, the comment would be visible to flag recipients even if they were not in the insider group (CVE-2014-1571).

An attacker creating a new Bugzilla account can override certain parameters when finalizing the account creation that can lead to the user being created with a different email address than originally requested. The overridden login name could be automatically added to groups based on the group’s regular expression setting (CVE-2014-1572).

During an audit of the Bugzilla code base, several places were found where cross-site scripting exploits could occur which could allow an attacker to access sensitive information (CVE-2014-1573).

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2014:200. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(78616);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2014-1571", "CVE-2014-1572", "CVE-2014-1573");
  script_bugtraq_id(70256, 70257, 70258);
  script_xref(name:"MDVSA", value:"2014:200");

  script_name(english:"Mandriva Linux Security Advisory : bugzilla (MDVSA-2014:200)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated bugzilla packages fix security vulnerabilities :

If a new comment was marked private to the insider group, and a flag
was set in the same transaction, the comment would be visible to flag
recipients even if they were not in the insider group (CVE-2014-1571).

An attacker creating a new Bugzilla account can override certain
parameters when finalizing the account creation that can lead to the
user being created with a different email address than originally
requested. The overridden login name could be automatically added to
groups based on the group's regular expression setting
(CVE-2014-1572).

During an audit of the Bugzilla code base, several places were found
where cross-site scripting exploits could occur which could allow an
attacker to access sensitive information (CVE-2014-1573)."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://advisories.mageia.org/MGASA-2014-0412.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected bugzilla and / or bugzilla-contrib packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:bugzilla");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:bugzilla-contrib");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/10/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/10/22");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK-MBS1", reference:"bugzilla-4.2.11-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", reference:"bugzilla-contrib-4.2.11-1.mbs1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxbugzillap-cpe:/a:mandriva:linux:bugzilla
mandrivalinuxbugzilla-contribp-cpe:/a:mandriva:linux:bugzilla-contrib
mandrivabusiness_server1cpe:/o:mandriva:business_server:1

Related

nessus 8
securityvulns 3
fedora 5
openvas 6
freebsd 2
mageia 1
gentoo 1
thn 1
ubuntucve 4
checkpoint_advisories 1
prion 4
cve 4
cvelist 4
debiancve 1
nessus
nessus
Bugzilla < 4.0.15 / 4.2.11 / 4.4.6 / 4.5.6 Multiple Vulnerabilities
2014-10-06 00:00:00
FreeBSD : Bugzilla multiple security issues (b6587341-4d88-11e4-aef9-20cf30e32f6d)
2014-10-07 00:00:00
Bugzilla < 4.0.15 / 4.2.11 / 4.4.6 / 4.5.6 Multiple Vulnerabilities
2015-02-09 00:00:00
securityvulns
securityvulns
Security advisory for Bugzilla 4.5.6, 4.4.6, 4.2.11, and 4.0.15
2014-10-14 00:00:00
[ MDVSA-2014:200 ] bugzilla
2014-11-03 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2014-11-03 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: bugzilla-4.4.6-1.fc21
2014-11-01 17:10:00
[SECURITY] Fedora 20 Update: bugzilla-4.2.11-1.fc20
2014-10-22 08:51:49
[SECURITY] Fedora 19 Update: bugzilla-4.2.11-1.fc19
2014-10-22 08:50:36
openvas
openvas
Fedora Update for bugzilla FEDORA-2014-12530
2014-10-23 00:00:00
Mageia: Security Advisory (MGASA-2014-0412)
2022-01-28 00:00:00
Fedora Update for bugzilla FEDORA-2014-12584
2014-10-23 00:00:00
freebsd
freebsd
Bugzilla multiple security issues
2014-10-06 00:00:00
ikiwiki -- multiple vulnerabilities
2016-12-19 00:00:00
mageia
mageia
Updated bugzilla packages fix security vulnerabilities
2014-10-09 18:39:32
gentoo
gentoo
Bugzilla: Multiple vulnerabilities
2016-07-20 00:00:00
thn
thn
Zero-Day in Bugzilla Exposes Zero-Day Vulnerabilities to Hackers
2014-10-06 22:37:00
ubuntucve
ubuntucve
CVE-2014-1572
2014-10-13 00:00:00
CVE-2014-1573
2014-10-13 00:00:00
CVE-2014-1571
2014-10-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Bugzilla Privilege Escalation - Email Validation Bypass (CVE-2014-1572)
2014-10-02 00:00:00
prion
prion
Design/Logic Flaw
2014-10-13 01:55:00
Cross site scripting
2014-10-13 01:55:00
Design/Logic Flaw
2014-10-13 01:55:00
cve
cve
CVE-2014-1572
2014-10-13 01:55:00
CVE-2014-1573
2014-10-13 01:55:00
CVE-2014-1571
2014-10-13 01:55:00
cvelist
cvelist
CVE-2014-1573
2014-10-13 01:00:00
CVE-2014-1572
2014-10-13 01:00:00
CVE-2014-1571
2014-10-13 01:00:00
debiancve
debiancve
CVE-2016-9646
2018-04-13 15:29:00
JSON
Related for MANDRIVA_MDVSA-2014-200.NASL
nessus8securityvulns3fedora5openvas6freebsd2mageia1gentoo1thn1ubuntucve4checkpoint_advisories1prion4cve4cvelist4debiancve1