ID OPENVAS:70264 Type openvas Reporter Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com Modified 2017-02-25T00:00:00
Description
The remote host is missing an update to the system
as announced in the referenced advisory.
#
#VID dc8741b9-c5d5-11e0-8a8e-00151735203a
# OpenVAS Vulnerability Test
# $
# Description: Auto generated from VID dc8741b9-c5d5-11e0-8a8e-00151735203a
#
# Authors:
# Thomas Reinke <reinke@securityspace.com>
#
# Copyright:
# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisories, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "The following package is affected: bugzilla
CVE-2011-2379
Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through
2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before
3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when
Internet Explorer before 9 or Safari before 5.0.6 is used for Raw
Unified mode, allows remote attackers to inject arbitrary web script
or HTML via a crafted patch, related to content sniffing.
CVE-2011-2380
Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before
3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and
4.1.x before 4.1.3 allows remote attackers to determine the existence
of private group names via a crafted parameter during (1) bug creation
or (2) bug editing.
CVE-2011-2979
Bugzilla 4.1.x before 4.1.3 generates different responses for certain
assignee queries depending on whether the group name is valid, which
allows remote attackers to determine the existence of private group
names via a custom search. NOTE: this vulnerability exists because of
a CVE-2010-2756 regression.
CVE-2011-2381
CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x
through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x,
4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to
inject arbitrary e-mail headers via an attachment description in a
flagmail notification.
CVE-2011-2978
Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before
3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and
4.1.x before 4.1.3 does not prevent changes to the confirmation e-mail
address (aka old_email field) for e-mail change notifications, which
makes it easier for remote attackers to perform arbitrary address
changes by leveraging an unattended workstation.
CVE-2011-2977
Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x
before 4.1.3 on Windows does not delete the temporary files associated
with uploaded attachments, which allows local users to obtain
sensitive information by reading these files. NOTE: this issue exists
because of a regression in 3.6.
CVE-2011-2976
Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through
2.22.7, 3.0.x through 3.3.x, and 3.4.x before 3.4.12 allows remote
attackers to inject arbitrary web script or HTML via vectors involving
a BUGLIST cookie.";
tag_solution = "Update your system with the appropriate patches or
software upgrades.
https://bugzilla.mozilla.org/show_bug.cgi?id=637981
https://bugzilla.mozilla.org/show_bug.cgi?id=653477
https://bugzilla.mozilla.org/show_bug.cgi?id=674497
https://bugzilla.mozilla.org/show_bug.cgi?id=657158
https://bugzilla.mozilla.org/show_bug.cgi?id=670868
https://bugzilla.mozilla.org/show_bug.cgi?id=660502
https://bugzilla.mozilla.org/show_bug.cgi?id=660053
http://www.vuxml.org/freebsd/dc8741b9-c5d5-11e0-8a8e-00151735203a.html";
tag_summary = "The remote host is missing an update to the system
as announced in the referenced advisory.";
if(description)
{
script_id(70264);
script_version("$Revision: 5424 $");
script_tag(name:"last_modification", value:"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $");
script_tag(name:"creation_date", value:"2011-09-21 05:47:11 +0200 (Wed, 21 Sep 2011)");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_cve_id("CVE-2011-2379", "CVE-2011-2380", "CVE-2011-2979", "CVE-2011-2381", "CVE-2011-2978", "CVE-2011-2977", "CVE-2011-2976");
script_name("FreeBSD Ports: bugzilla");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com");
script_family("FreeBSD Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/freebsdrel", "login/SSH/success");
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-bsd.inc");
txt = "";
vuln = 0;
bver = portver(pkg:"bugzilla");
if(!isnull(bver) && revcomp(a:bver, b:"2.4")>=0 && revcomp(a:bver, b:"3.6.6")<0) {
txt += 'Package bugzilla version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = 1;
}
if(!isnull(bver) && revcomp(a:bver, b:"4.0")>=0 && revcomp(a:bver, b:"4.0.2")<0) {
txt += 'Package bugzilla version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = 1;
}
if(vuln) {
security_message(data:string(txt));
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
{"id": "OPENVAS:70264", "type": "openvas", "bulletinFamily": "scanner", "title": "FreeBSD Ports: bugzilla", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2011-09-21T00:00:00", "modified": "2017-02-25T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=70264", "reporter": "Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2011-2380", "CVE-2011-2979", "CVE-2010-2756", "CVE-2011-2379", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2381", "CVE-2011-2976"], "lastseen": "2017-07-02T21:13:33", "viewCount": 1, "enchantments": {"score": {"value": 6.2, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-2756", "CVE-2011-2379", "CVE-2011-2380", "CVE-2011-2381", "CVE-2011-2976", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2979"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2322-1:07C6A"]}, {"type": "fedora", "idList": ["FEDORA:1765F110D43", "FEDORA:3374710F8DE", "FEDORA:7FABF11061C", "FEDORA:9C413110733", "FEDORA:C582F10F8DE", "FEDORA:CC354110C45"]}, {"type": "freebsd", "idList": ["8CBF4D65-AF9A-11DF-89B8-00151735203A", "DC8741B9-C5D5-11E0-8A8E-00151735203A"]}, {"type": "gentoo", "idList": ["GLSA-201110-03"]}, {"type": "nessus", "idList": ["5627.PRM", "BUGZILLA_REPORTEDBY_INFO_DISCLOSURE.NASL", "DEBIAN_DSA-2322.NASL", "FEDORA_2010-13072.NASL", "FEDORA_2010-13086.NASL", "FEDORA_2010-13171.NASL", "FREEBSD_PKG_8CBF4D65AF9A11DF89B800151735203A.NASL", "FREEBSD_PKG_DC8741B9C5D511E08A8E00151735203A.NASL", "GENTOO_GLSA-201110-03.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:100749", "OPENVAS:103215", "OPENVAS:1361412562310100749", "OPENVAS:1361412562310103215", "OPENVAS:136141256231068000", "OPENVAS:136141256231070264", "OPENVAS:136141256231070411", "OPENVAS:136141256231070766", "OPENVAS:1361412562310801570", "OPENVAS:1361412562310862354", "OPENVAS:1361412562310862357", "OPENVAS:1361412562310862602", "OPENVAS:1361412562310863444", "OPENVAS:1361412562310863445", "OPENVAS:1361412562310864073", "OPENVAS:68000", "OPENVAS:70411", "OPENVAS:70766", "OPENVAS:801570", "OPENVAS:862354", "OPENVAS:862357", "OPENVAS:862602", "OPENVAS:863444", "OPENVAS:863445", "OPENVAS:864073"]}, {"type": "seebug", "idList": ["SSV:20818", "SSV:20867"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-2756", "UB:CVE-2011-2379", "UB:CVE-2011-2380", "UB:CVE-2011-2381", "UB:CVE-2011-2976", "UB:CVE-2011-2977", "UB:CVE-2011-2978", "UB:CVE-2011-2979"]}], "rev": 4}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2010-2756"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2322-1:07C6A"]}, {"type": "fedora", "idList": ["FEDORA:C582F10F8DE"]}, {"type": "freebsd", "idList": ["8CBF4D65-AF9A-11DF-89B8-00151735203A", "DC8741B9-C5D5-11E0-8A8E-00151735203A"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_8CBF4D65AF9A11DF89B800151735203A.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310801570"]}, {"type": "seebug", "idList": ["SSV:20867"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-2381"]}]}, "exploitation": null, "vulnersScore": 6.2}, "pluginID": "70264", "sourceData": "#\n#VID dc8741b9-c5d5-11e0-8a8e-00151735203a\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID dc8741b9-c5d5-11e0-8a8e-00151735203a\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: bugzilla\n\nCVE-2011-2379\nCross-site scripting (XSS) vulnerability in Bugzilla 2.4 through\n2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before\n3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when\nInternet Explorer before 9 or Safari before 5.0.6 is used for Raw\nUnified mode, allows remote attackers to inject arbitrary web script\nor HTML via a crafted patch, related to content sniffing.\n\nCVE-2011-2380\nBugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before\n3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and\n4.1.x before 4.1.3 allows remote attackers to determine the existence\nof private group names via a crafted parameter during (1) bug creation\nor (2) bug editing.\n\nCVE-2011-2979\nBugzilla 4.1.x before 4.1.3 generates different responses for certain\nassignee queries depending on whether the group name is valid, which\nallows remote attackers to determine the existence of private group\nnames via a custom search. NOTE: this vulnerability exists because of\na CVE-2010-2756 regression.\n\nCVE-2011-2381\nCRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x\nthrough 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x,\n4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to\ninject arbitrary e-mail headers via an attachment description in a\nflagmail notification.\n\nCVE-2011-2978\nBugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before\n3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and\n4.1.x before 4.1.3 does not prevent changes to the confirmation e-mail\naddress (aka old_email field) for e-mail change notifications, which\nmakes it easier for remote attackers to perform arbitrary address\nchanges by leveraging an unattended workstation.\n\nCVE-2011-2977\nBugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x\nbefore 4.1.3 on Windows does not delete the temporary files associated\nwith uploaded attachments, which allows local users to obtain\nsensitive information by reading these files. NOTE: this issue exists\nbecause of a regression in 3.6.\n\nCVE-2011-2976\nCross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through\n2.22.7, 3.0.x through 3.3.x, and 3.4.x before 3.4.12 allows remote\nattackers to inject arbitrary web script or HTML via vectors involving\na BUGLIST cookie.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=637981\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=653477\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=674497\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=657158\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=670868\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=660502\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=660053\nhttp://www.vuxml.org/freebsd/dc8741b9-c5d5-11e0-8a8e-00151735203a.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(70264);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-21 05:47:11 +0200 (Wed, 21 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2979\", \"CVE-2011-2381\", \"CVE-2011-2978\", \"CVE-2011-2977\", \"CVE-2011-2976\");\n script_name(\"FreeBSD Ports: bugzilla\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"bugzilla\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.4\")>=0 && revcomp(a:bver, b:\"3.6.6\")<0) {\n txt += 'Package bugzilla version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"4.0\")>=0 && revcomp(a:bver, b:\"4.0.2\")<0) {\n txt += 'Package bugzilla version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "FreeBSD Local Security Checks", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647589307, "score": 0}}
{"openvas": [{"lastseen": "2019-05-29T18:39:52", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2011-09-21T00:00:00", "type": "openvas", "title": "FreeBSD Ports: bugzilla", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2380", "CVE-2011-2979", "CVE-2010-2756", "CVE-2011-2379", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2381", "CVE-2011-2976"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231070264", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070264", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_bugzilla13.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID dc8741b9-c5d5-11e0-8a8e-00151735203a\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70264\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-21 05:47:11 +0200 (Wed, 21 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2979\", \"CVE-2011-2381\", \"CVE-2011-2978\", \"CVE-2011-2977\", \"CVE-2011-2976\");\n script_name(\"FreeBSD Ports: bugzilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: bugzilla\n\nCVE-2011-2379\nCross-site scripting (XSS) vulnerability in Bugzilla 2.4 through\n2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before\n3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when\nInternet Explorer before 9 or Safari before 5.0.6 is used for Raw\nUnified mode, allows remote attackers to inject arbitrary web script\nor HTML via a crafted patch, related to content sniffing.\n\nCVE-2011-2380\nBugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before\n3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and\n4.1.x before 4.1.3 allows remote attackers to determine the existence\nof private group names via a crafted parameter during (1) bug creation\nor (2) bug editing.\n\nCVE-2011-2979\nBugzilla 4.1.x before 4.1.3 generates different responses for certain\nassignee queries depending on whether the group name is valid, which\nallows remote attackers to determine the existence of private group\nnames via a custom search. NOTE: this vulnerability exists because of\na CVE-2010-2756 regression.\n\nCVE-2011-2381\nCRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x\nthrough 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x,\n4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to\ninject arbitrary e-mail headers via an attachment description in a\nflagmail notification.\n\nCVE-2011-2978\nBugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before\n3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and\n4.1.x before 4.1.3 does not prevent changes to the confirmation e-mail\naddress (aka old_email field) for e-mail change notifications, which\nmakes it easier for remote attackers to perform arbitrary address\nchanges by leveraging an unattended workstation.\n\nCVE-2011-2977\nBugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x\nbefore 4.1.3 on Windows does not delete the temporary files associated\nwith uploaded attachments, which allows local users to obtain\nsensitive information by reading these files. NOTE: this issue exists\nbecause of a regression in 3.6.\n\nCVE-2011-2976\nCross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through\n2.22.7, 3.0.x through 3.3.x, and 3.4.x before 3.4.12 allows remote\nattackers to inject arbitrary web script or HTML via vectors involving\na BUGLIST cookie.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=637981\");\n script_xref(name:\"URL\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=653477\");\n script_xref(name:\"URL\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=674497\");\n script_xref(name:\"URL\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=657158\");\n script_xref(name:\"URL\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=670868\");\n script_xref(name:\"URL\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=660502\");\n script_xref(name:\"URL\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=660053\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/dc8741b9-c5d5-11e0-8a8e-00151735203a.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"bugzilla\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.4\")>=0 && revcomp(a:bver, b:\"3.6.6\")<0) {\n txt += 'Package bugzilla version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"4.0\")>=0 && revcomp(a:bver, b:\"4.0.2\")<0) {\n txt += 'Package bugzilla version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-09-04T14:20:03", "description": "Bugzilla is prone to the following vulnerabilities:\n\n1. A security-bypass vulnerability.\n2. An email header-injection vulnerability.\n3. Multiple information-disclosure vulnerabilities.\n4. Multiple cross-site scripting vulnerabilities.\n\nSuccessfully exploiting these issues may allow an attacker to bypass\ncertain security restrictions, obtain sensitive information, execute\narbitrary script code in the browser of an unsuspecting user, steal\ncookie-based authentication credentials, and perform actions in the\nvulnerable application in the context of the victim.", "cvss3": {}, "published": "2011-08-22T00:00:00", "type": "openvas", "title": "Bugzilla Multiple Security Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2380", "CVE-2011-2979", "CVE-2011-2379", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2381", "CVE-2011-2976"], "modified": "2017-09-01T00:00:00", "id": "OPENVAS:103215", "href": "http://plugins.openvas.org/nasl.php?oid=103215", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_bugzilla_49042.nasl 7044 2017-09-01 11:50:59Z teissa $\n#\n# Bugzilla Multiple Security Vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"Bugzilla is prone to the following vulnerabilities:\n\n1. A security-bypass vulnerability.\n2. An email header-injection vulnerability.\n3. Multiple information-disclosure vulnerabilities.\n4. Multiple cross-site scripting vulnerabilities.\n\nSuccessfully exploiting these issues may allow an attacker to bypass\ncertain security restrictions, obtain sensitive information, execute\narbitrary script code in the browser of an unsuspecting user, steal\ncookie-based authentication credentials, and perform actions in the\nvulnerable application in the context of the victim.\";\n\ntag_solution = \"Vendor updates are available. Please see the references for more\ninformation.\";\n\nif (description)\n{\n script_id(103215);\n script_version(\"$Revision: 7044 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-09-01 13:50:59 +0200 (Fri, 01 Sep 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-22 16:04:33 +0200 (Mon, 22 Aug 2011)\");\n script_bugtraq_id(49042);\n script_cve_id(\"CVE-2011-2379\",\"CVE-2011-2380\",\"CVE-2011-2381\",\"CVE-2011-2976\",\"CVE-2011-2977\",\"CVE-2011-2978\",\"CVE-2011-2979\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_name(\"Bugzilla Multiple Security Vulnerabilities\");\n\n script_xref(name : \"URL\" , value : \"http://www.securityfocus.com/bid/49042\");\n script_xref(name : \"URL\" , value : \"http://www.bugzilla.org\");\n script_xref(name : \"URL\" , value : \"http://www.bugzilla.org/security/3.4.11/\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2011 Greenbone Networks GmbH\");\n script_dependencies(\"bugzilla_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"http_keepalive.inc\");\ninclude(\"version_func.inc\");\n\nport = get_http_port(default:80);\nif(!get_port_state(port))exit(0);\n\nif (!can_host_php(port:port)) exit(0);\n\nif(vers = get_version_from_kb(port:port,app:\"bugzilla/version\")) {\n\n if(version_in_range(version: vers, test_version:\"4.1\", test_version2:\"4.1.2\") ||\n version_in_range(version: vers, test_version:\"4.0\", test_version2:\"4.0.1\") ||\n version_in_range(version: vers, test_version:\"3.6\", test_version2:\"3.6.5\") ||\n version_in_range(version: vers, test_version:\"3.4\", test_version2:\"3.4.11\")) {\n security_message(port:port);\n exit(0);\n }\n\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-07-17T14:31:04", "description": "Bugzilla is prone to the following vulnerabilities:\n\n1. A security-bypass vulnerability.\n\n2. An email header-injection vulnerability.\n\n3. Multiple information-disclosure vulnerabilities.\n\n4. Multiple cross-site scripting vulnerabilities.\n\nSuccessfully exploiting these issues may allow an attacker to bypass certain security restrictions, obtain\nsensitive information, execute arbitrary script code in the browser of an unsuspecting user, steal cookie-based\nauthentication credentials, and perform actions in the vulnerable application in the context of the victim.", "cvss3": {}, "published": "2011-08-22T00:00:00", "type": "openvas", "title": "Bugzilla Multiple Security Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2380", "CVE-2011-2979", "CVE-2011-2379", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2381", "CVE-2011-2976"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310103215", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103215", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Bugzilla Multiple Security Vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:bugzilla\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103215\");\n script_version(\"2019-07-05T10:41:31+0000\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 10:41:31 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2011-08-22 16:04:33 +0200 (Mon, 22 Aug 2011)\");\n script_bugtraq_id(49042);\n script_cve_id(\"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2381\", \"CVE-2011-2976\", \"CVE-2011-2977\", \"CVE-2011-2978\",\n \"CVE-2011-2979\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_name(\"Bugzilla Multiple Security Vulnerabilities\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/49042\");\n script_xref(name:\"URL\", value:\"http://www.bugzilla.org/security/3.4.11/\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2011 Greenbone Networks GmbH\");\n script_dependencies(\"bugzilla_detect.nasl\");\n script_mandatory_keys(\"bugzilla/installed\");\n\n script_tag(name:\"solution\", value:\"Vendor updates are available. Please see the references for more\ninformation.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Bugzilla is prone to the following vulnerabilities:\n\n1. A security-bypass vulnerability.\n\n2. An email header-injection vulnerability.\n\n3. Multiple information-disclosure vulnerabilities.\n\n4. Multiple cross-site scripting vulnerabilities.\n\nSuccessfully exploiting these issues may allow an attacker to bypass certain security restrictions, obtain\nsensitive information, execute arbitrary script code in the browser of an unsuspecting user, steal cookie-based\nauthentication credentials, and perform actions in the vulnerable application in the context of the victim.\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!vers = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version_in_range(version: vers, test_version:\"4.1\", test_version2:\"4.1.2\") ||\n version_in_range(version: vers, test_version:\"4.0\", test_version2:\"4.0.1\") ||\n version_in_range(version: vers, test_version:\"3.6\", test_version2:\"3.6.5\") ||\n version_in_range(version: vers, test_version:\"3.4\", test_version2:\"3.4.11\")) {\n security_message(port:port);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-08T12:57:55", "description": "Check for the Version of bugzilla", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for bugzilla FEDORA-2011-10399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2380", "CVE-2011-2979", "CVE-2011-2379", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2381"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:864073", "href": "http://plugins.openvas.org/nasl.php?oid=864073", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bugzilla FEDORA-2011-10399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bugzilla on Fedora 16\";\ntag_insight = \"Bugzilla is a popular bug tracking system used by multiple open source projects\n It requires a database engine installed - either MySQL, PostgreSQL or Oracle.\n Without one of these database engines (local or remote), Bugzilla will not work\n - see the Release Notes for details.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064120.html\");\n script_id(864073);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:07:00 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2979\", \"CVE-2011-2381\", \"CVE-2011-2978\", \"CVE-2011-2977\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-10399\");\n script_name(\"Fedora Update for bugzilla FEDORA-2011-10399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bugzilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"bugzilla\", rpm:\"bugzilla~4.0.2~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:55:24", "description": "Check for the Version of bugzilla", "cvss3": {}, "published": "2011-08-24T00:00:00", "type": "openvas", "title": "Fedora Update for bugzilla FEDORA-2011-10426", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2380", "CVE-2011-2979", "CVE-2011-2379", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2381"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863445", "href": "http://plugins.openvas.org/nasl.php?oid=863445", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bugzilla FEDORA-2011-10426\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bugzilla on Fedora 15\";\ntag_insight = \"Bugzilla is a popular bug tracking system used by multiple open source projects\n It requires a database engine installed - either MySQL, PostgreSQL or Oracle.\n Without one of these database engines (local or remote), Bugzilla will not work\n - see the Release Notes for details.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063946.html\");\n script_id(863445);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-24 09:14:07 +0200 (Wed, 24 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-10426\");\n script_cve_id(\"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2979\", \"CVE-2011-2381\", \"CVE-2011-2978\", \"CVE-2011-2977\");\n script_name(\"Fedora Update for bugzilla FEDORA-2011-10426\");\n\n script_summary(\"Check for the Version of bugzilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"bugzilla\", rpm:\"bugzilla~3.6.6~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:39", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-24T00:00:00", "type": "openvas", "title": "Fedora Update for bugzilla FEDORA-2011-10413", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2380", "CVE-2011-2979", "CVE-2011-2379", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2381"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863444", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863444", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bugzilla FEDORA-2011-10413\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063967.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863444\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-24 09:14:07 +0200 (Wed, 24 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-10413\");\n script_cve_id(\"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2979\", \"CVE-2011-2381\", \"CVE-2011-2978\", \"CVE-2011-2977\");\n script_name(\"Fedora Update for bugzilla FEDORA-2011-10413\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bugzilla'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"bugzilla on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"bugzilla\", rpm:\"bugzilla~3.6.6~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-25T10:55:42", "description": "Check for the Version of bugzilla", "cvss3": {}, "published": "2011-08-24T00:00:00", "type": "openvas", "title": "Fedora Update for bugzilla FEDORA-2011-10413", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2380", "CVE-2011-2979", "CVE-2011-2379", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2381"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863444", "href": "http://plugins.openvas.org/nasl.php?oid=863444", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bugzilla FEDORA-2011-10413\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bugzilla on Fedora 14\";\ntag_insight = \"Bugzilla is a popular bug tracking system used by multiple open source projects\n It requires a database engine installed - either MySQL, PostgreSQL or Oracle.\n Without one of these database engines (local or remote), Bugzilla will not work\n - see the Release Notes for details.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063967.html\");\n script_id(863444);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-24 09:14:07 +0200 (Wed, 24 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-10413\");\n script_cve_id(\"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2979\", \"CVE-2011-2381\", \"CVE-2011-2978\", \"CVE-2011-2977\");\n script_name(\"Fedora Update for bugzilla FEDORA-2011-10413\");\n\n script_summary(\"Check for the Version of bugzilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"bugzilla\", rpm:\"bugzilla~3.6.6~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-24T00:00:00", "type": "openvas", "title": "Fedora Update for bugzilla FEDORA-2011-10426", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2380", "CVE-2011-2979", "CVE-2011-2379", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2381"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863445", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863445", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bugzilla FEDORA-2011-10426\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063946.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863445\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-24 09:14:07 +0200 (Wed, 24 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-10426\");\n script_cve_id(\"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2979\", \"CVE-2011-2381\", \"CVE-2011-2978\", \"CVE-2011-2977\");\n script_name(\"Fedora Update for bugzilla FEDORA-2011-10426\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bugzilla'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"bugzilla on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"bugzilla\", rpm:\"bugzilla~3.6.6~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:38:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for bugzilla FEDORA-2011-10399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2380", "CVE-2011-2979", "CVE-2011-2379", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2381"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864073", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864073", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bugzilla FEDORA-2011-10399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064120.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864073\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:07:00 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2979\", \"CVE-2011-2381\", \"CVE-2011-2978\", \"CVE-2011-2977\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-10399\");\n script_name(\"Fedora Update for bugzilla FEDORA-2011-10399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bugzilla'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"bugzilla on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"bugzilla\", rpm:\"bugzilla~4.0.2~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-24T12:50:25", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-03.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201110-03 (bugzilla)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4572", "CVE-2011-2380", "CVE-2011-2979", "CVE-2010-4567", "CVE-2011-2379", "CVE-2011-0046", "CVE-2011-2977", "CVE-2010-2761", "CVE-2010-4568", "CVE-2011-2978", "CVE-2010-4411", "CVE-2011-2381", "CVE-2010-3172", "CVE-2011-0048", "CVE-2010-4570", "CVE-2010-4569", "CVE-2010-3764", "CVE-2011-2976"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70766", "href": "http://plugins.openvas.org/nasl.php?oid=70766", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were found in Bugzilla, the worst of which\n leading to privilege escalation.\";\ntag_solution = \"All Bugzilla users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-apps/bugzilla-3.6.6'\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since August 27, 2011. It is likely that your system is\nalready\n no longer affected by this issue.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-03\nhttp://bugs.gentoo.org/show_bug.cgi?id=352781\nhttp://bugs.gentoo.org/show_bug.cgi?id=380255\nhttp://bugs.gentoo.org/show_bug.cgi?id=386203\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201110-03.\";\n\n \n \nif(description)\n{\n script_id(70766);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-2761\", \"CVE-2010-3172\", \"CVE-2010-3764\", \"CVE-2010-4411\", \"CVE-2010-4567\", \"CVE-2010-4568\", \"CVE-2010-4569\", \"CVE-2010-4570\", \"CVE-2010-4572\", \"CVE-2011-0046\", \"CVE-2011-0048\", \"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2381\", \"CVE-2011-2976\", \"CVE-2011-2977\", \"CVE-2011-2978\", \"CVE-2011-2979\");\n script_version(\"$Revision: 6593 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:18:14 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:39 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-03 (bugzilla)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"www-apps/bugzilla\", unaffected: make_list(\"ge 3.6.6\"), vulnerable: make_list(\"lt 3.6.6\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:05", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-03.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201110-03 (bugzilla)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4572", "CVE-2011-2380", "CVE-2011-2979", "CVE-2010-4567", "CVE-2011-2379", "CVE-2011-0046", "CVE-2011-2977", "CVE-2010-2761", "CVE-2010-4568", "CVE-2011-2978", "CVE-2010-4411", "CVE-2011-2381", "CVE-2010-3172", "CVE-2011-0048", "CVE-2010-4570", "CVE-2010-4569", "CVE-2010-3764", "CVE-2011-2976"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231070766", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070766", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201110_03.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70766\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-2761\", \"CVE-2010-3172\", \"CVE-2010-3764\", \"CVE-2010-4411\", \"CVE-2010-4567\", \"CVE-2010-4568\", \"CVE-2010-4569\", \"CVE-2010-4570\", \"CVE-2010-4572\", \"CVE-2011-0046\", \"CVE-2011-0048\", \"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2381\", \"CVE-2011-2976\", \"CVE-2011-2977\", \"CVE-2011-2978\", \"CVE-2011-2979\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:39 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-03 (bugzilla)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were found in Bugzilla, the worst of which\n leading to privilege escalation.\");\n script_tag(name:\"solution\", value:\"All Bugzilla users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-apps/bugzilla-3.6.6'\n\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since August 27, 2011. It is likely that your system is\nalready\n no longer affected by this issue.\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-03\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=352781\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=380255\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=386203\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201110-03.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"www-apps/bugzilla\", unaffected: make_list(\"ge 3.6.6\"), vulnerable: make_list(\"lt 3.6.6\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:55:55", "description": "The remote host is missing an update to bugzilla\nannounced via advisory DSA 2322-1.", "cvss3": {}, "published": "2011-10-16T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2322-1 (bugzilla)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4572", "CVE-2011-2380", "CVE-2010-4567", "CVE-2011-2379", "CVE-2011-0046", "CVE-2010-4568", "CVE-2011-2978", "CVE-2011-2381", "CVE-2011-0048"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70411", "href": "http://plugins.openvas.org/nasl.php?oid=70411", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2322_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2322-1 (bugzilla)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities were discovered in Bugzilla, a web-based bug\ntracking system.\n\nCVE-2010-4572\n\nBy inserting particular strings into certain URLs, it was\npossible to inject both headers and content to any\nbrowser.\n\nCVE-2010-4567, CVE-2011-0048\n\nBugzilla has a URL field that can contain several types\nof URL, including javascript: and data: URLs. However,\nit does not make javascript: and data: URLs into\nclickable links, to protect against cross-site scripting\nattacks or other attacks. It was possible to bypass this\nprotection by adding spaces into the URL in places that\nBugzilla did not expect them. Also, javascript: and\ndata: links were *always* shown as clickable to\nlogged-out users.\n\nCVE-2010-4568\n\nIt was possible for a user to gain unauthorized access to\nany Bugzilla account in a very short amount of time (short\nenough that the attack is highly effective).\n\nCVE-2011-0046\n\nVarious pages were vulnerable to Cross-Site Request\nForgery attacks. Most of these issues are not as serious\nas previous CSRF vulnerabilities.\n\nCVE-2011-2978\n\nWhen a user changes his email address, Bugzilla trusts\na user-modifiable field for obtaining the current e-mail\naddress to send a confirmation message to. If an attacker\nhas access to the session of another user (for example,\nif that user left their browser window open in a public\nplace), the attacker could alter this field to cause\nthe email-change notification to go to their own address.\nThis means that the user would not be notified that his\naccount had its email address changed by the attacker.\n\nCVE-2011-2381\n\nFor flagmails only, attachment descriptions with a newline\nin them could lead to the injection of crafted headers in\nemail notifications when an attachment flag is edited.\n\nCVE-2011-2379\n\nBugzilla uses an alternate host for attachments when\nviewing them in raw format to prevent cross-site scripting\nattacks. This alternate host is now also used when viewing\npatches in Raw Unified mode because Internet Explorer 8\nand older, and Safari before 5.0.6 do content sniffing,\nwhich could lead to the execution of malicious code.\n\nCVE-2011-2380 CVE-201-2979\n\nNormally, a group name is confidential and is only visible\nto members of the group, and to non-members if the group\nis used in bugs. By crafting the URL when creating or\nediting a bug, it was possible to guess if a group existed\nor not, even for groups which weren't used in bugs and so\nwhich were supposed to remain confidential.\n\nFor the oldstable distribution (lenny), it has not been practical to\nbackport patches to fix these bugs. Users of bugzilla on lenny are \nstrongly advised to upgrade to the version in the squeeze distribution.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 3.6.2.0-4.4.\n\nFor the testing distribution (wheezy) and the unstable distribution (sid),\nthe bugzilla packages have been removed.\n\nWe recommend that you upgrade your bugzilla packages.\";\ntag_summary = \"The remote host is missing an update to bugzilla\nannounced via advisory DSA 2322-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202322-1\";\n\n\nif(description)\n{\n script_id(70411);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-16 23:01:53 +0200 (Sun, 16 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-4567\", \"CVE-2010-4568\", \"CVE-2010-4572\", \"CVE-2011-0046\", \"CVE-2011-0048\", \"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2381\", \"CVE-2011-2978\");\n script_name(\"Debian Security Advisory DSA 2322-1 (bugzilla)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"bugzilla3\", ver:\"3.6.2.0-4.4\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"bugzilla3-doc\", ver:\"3.6.2.0-4.4\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:31", "description": "The remote host is missing an update to bugzilla\nannounced via advisory DSA 2322-1.", "cvss3": {}, "published": "2011-10-16T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2322-1 (bugzilla)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4572", "CVE-2011-2380", "CVE-2010-4567", "CVE-2011-2379", "CVE-2011-0046", "CVE-2010-4568", "CVE-2011-2978", "CVE-2011-2381", "CVE-2011-0048"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231070411", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070411", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2322_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2322-1 (bugzilla)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70411\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-16 23:01:53 +0200 (Sun, 16 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-4567\", \"CVE-2010-4568\", \"CVE-2010-4572\", \"CVE-2011-0046\", \"CVE-2011-0048\", \"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2381\", \"CVE-2011-2978\");\n script_name(\"Debian Security Advisory DSA 2322-1 (bugzilla)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202322-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in Bugzilla, a web-based bug\ntracking system.\n\nCVE-2010-4572\n\nBy inserting particular strings into certain URLs, it was\npossible to inject both headers and content to any\nbrowser.\n\nCVE-2010-4567, CVE-2011-0048\n\nBugzilla has a URL field that can contain several types\nof URL, including javascript: and data: URLs. However,\nit does not make javascript: and data: URLs into\nclickable links, to protect against cross-site scripting\nattacks or other attacks. It was possible to bypass this\nprotection by adding spaces into the URL in places that\nBugzilla did not expect them. Also, javascript: and\ndata: links were *always* shown as clickable to\nlogged-out users.\n\nCVE-2010-4568\n\nIt was possible for a user to gain unauthorized access to\nany Bugzilla account in a very short amount of time (short\nenough that the attack is highly effective).\n\nCVE-2011-0046\n\nVarious pages were vulnerable to Cross-Site Request\nForgery attacks. Most of these issues are not as serious\nas previous CSRF vulnerabilities.\n\nCVE-2011-2978\n\nWhen a user changes his email address, Bugzilla trusts\na user-modifiable field for obtaining the current e-mail\naddress to send a confirmation message to. If an attacker\nhas access to the session of another user (for example,\nif that user left their browser window open in a public\nplace), the attacker could alter this field to cause\nthe email-change notification to go to their own address.\nThis means that the user would not be notified that his\naccount had its email address changed by the attacker.\n\nCVE-2011-2381\n\nFor flagmails only, attachment descriptions with a newline\nin them could lead to the injection of crafted headers in\nemail notifications when an attachment flag is edited.\n\nCVE-2011-2379\n\nBugzilla uses an alternate host for attachments when\nviewing them in raw format to prevent cross-site scripting\nattacks. This alternate host is now also used when viewing\npatches in Raw Unified mode because Internet Explorer 8\nand older, and Safari before 5.0.6 do content sniffing,\nwhich could lead to the execution of malicious code.\n\nCVE-2011-2380 CVE-201-2979\n\nNormally, a group name is confidential and is only visible\nto members of the group, and to non-members if the group\nis used in bugs. By crafting the URL when creating or\nediting a bug, it was possible to guess if a group existed\nor not, even for groups which weren't used in bugs and so\nwhich were supposed to remain confidential.\n\nFor the oldstable distribution (lenny), it has not been practical to\nbackport patches to fix these bugs. Users of bugzilla on lenny are\nstrongly advised to upgrade to the version in the squeeze distribution.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 3.6.2.0-4.4.\n\nFor the testing distribution (wheezy) and the unstable distribution (sid),\nthe bugzilla packages have been removed.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your bugzilla packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to bugzilla\nannounced via advisory DSA 2322-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"bugzilla3\", ver:\"3.6.2.0-4.4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bugzilla3-doc\", ver:\"3.6.2.0-4.4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-09-04T14:20:06", "description": "This host is running Bugzilla and is prone to information\n disclosure vulnerability.", "cvss3": {}, "published": "2011-01-20T00:00:00", "type": "openvas", "title": "Bugzilla Informaton Disclosure Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2756"], "modified": "2017-08-28T00:00:00", "id": "OPENVAS:801570", "href": "http://plugins.openvas.org/nasl.php?oid=801570", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_bugzilla_info_disclosure_vuln.nasl 7015 2017-08-28 11:51:24Z teissa $\n#\n# Bugzilla Informaton Disclosure Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allows attackers to search for bugs that were\n reported by users belonging to one more groups.\n Impact Level: Application\";\ntag_affected = \"Bugzilla 2.19.1 to 3.2.7, 3.3.1 to 3.4.7, 3.5.1 to 3.6.1 and 3.7 to 3.7.2\";\ntag_insight = \"The flaw is due to an error in 'Search.pm' which allows remote attackers\n to determine the group memberships of arbitrary users via vectors involving the\n Search interface, boolean charts, and group-based pronouns.\";\ntag_solution = \"Upgrade to Bugzilla version 3.2.8, 3.4.8, 3.6.2 or 3.7.3\n For updates refer to http://www.bugzilla.org/download/\";\ntag_summary = \"This host is running Bugzilla and is prone to information\n disclosure vulnerability.\";\n\nif(description)\n{\n script_id(801570);\n script_version(\"$Revision: 7015 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-28 13:51:24 +0200 (Mon, 28 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-20 07:52:11 +0100 (Thu, 20 Jan 2011)\");\n script_cve_id(\"CVE-2010-2756\");\n script_bugtraq_id(42275);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Bugzilla Informaton Disclosure Vulnerability\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/41128\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/2205\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/2035\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2010/2035\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.mozilla.org/show_bug.cgi?id=417048\");\n\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_category(ACT_ATTACK);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"bugzilla_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"version_func.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = get_http_port(default:80);\nif(!get_port_state(port)){\n exit(0);\n}\n\n## Get the version\nvers = get_kb_item(\"www/\" + port + \"/bugzilla/version\");\nif(!vers){\n exit(0);\n}\n\n## check for only vuln versions\nif(version_in_range(version:vers, test_version: \"3.7\", test_version2:\"3.7.2\")||\n version_in_range(version:vers, test_version: \"3.5.1\", test_version2:\"3.6.1\")||\n version_in_range(version:vers, test_version: \"3.3.1\", test_version2:\"3.4.7\")||\n version_in_range(version:vers, test_version: \"2.19.1\", test_version2:\"3.2.7\"))\n{\n ## get the installed path\n dir = get_dir_from_kb(port:port,app:\"bugzilla\");\n if(dir)\n {\n ## Construct the exploit string\n exploit = \"/buglist.cgi?query_format=advanced&bug_status=CLOSED&\" +\n \"field0-0-0%3Dreporter%26type0-0-0%3Dequals%26value0-0-0\"+\n \"%3D%25group.admin%25\";\n\n ## Construct the request\n req = string(\"GET \", dir, exploit, \" HTTP/1.1\\r\\n\",\n \"Host: 209.132.180.131\\r\\n\",\n \"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\\r\\n\",\n \"Accept-Language: en-us,en;q=0.5\\r\\n\",\n \"Accept-Encoding: gzip,deflate\\r\\n\",\n \"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\\r\\n\",\n \"Keep-Alive: 300\\r\\n\",\n \"Connection: keep-alive\\r\\n\\r\\n\");\n\n resp = http_keepalive_send_recv(port:port, data:req);\n if(resp)\n {\n ## Check for the exploit\n if(eregmatch(pattern:\"field0-0-0%3Dreporter%26type0-0-0%3Dequals%26value0-0-0%3D%25group.admin%25/i\",\n string:resp, icase:TRUE)){\n security_message(port:port);\n }\n }\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2020-03-05T19:02:11", "description": "This host is running Bugzilla and is prone to information disclosure\nvulnerability.", "cvss3": {}, "published": "2011-01-20T00:00:00", "type": "openvas", "title": "Bugzilla Information Disclosure Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2756"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310801570", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801570", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Bugzilla Information Disclosure Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:bugzilla\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801570\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-01-20 07:52:11 +0100 (Thu, 20 Jan 2011)\");\n script_cve_id(\"CVE-2010-2756\");\n script_bugtraq_id(42275);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_name(\"Bugzilla Information Disclosure Vulnerability\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/41128\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/2205\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/2035\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/2035\");\n script_xref(name:\"URL\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=417048\");\n\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n\n script_category(ACT_ATTACK);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"bugzilla_detect.nasl\");\n script_mandatory_keys(\"bugzilla/installed\");\n script_require_ports(\"Services/www\", 80);\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to search for bugs that were\nreported by users belonging to one more groups.\");\n\n script_tag(name:\"affected\", value:\"Bugzilla 2.19.1 to 3.2.7, 3.3.1 to 3.4.7, 3.5.1 to 3.6.1 and 3.7 to 3.7.2\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to an error in 'Search.pm' which allows remote attackers to\ndetermine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and\ngroup-based pronouns.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Bugzilla version 3.2.8, 3.4.8, 3.6.2 or 3.7.3.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"This host is running Bugzilla and is prone to information disclosure\nvulnerability.\");\n\n script_xref(name:\"URL\", value:\"http://www.bugzilla.org/download/\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"http_func.inc\");\ninclude(\"version_func.inc\");\ninclude(\"http_keepalive.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE)) exit(0);\nvers = infos['version'];\ndir = infos['location'];\n\nif(version_in_range(version:vers, test_version: \"3.7\", test_version2:\"3.7.2\")||\n version_in_range(version:vers, test_version: \"3.5.1\", test_version2:\"3.6.1\")||\n version_in_range(version:vers, test_version: \"3.3.1\", test_version2:\"3.4.7\")||\n version_in_range(version:vers, test_version: \"2.19.1\", test_version2:\"3.2.7\")) {\n exploit = \"/buglist.cgi?query_format=advanced&bug_status=CLOSED&\" +\n \"field0-0-0%3Dreporter%26type0-0-0%3Dequals%26value0-0-0\"+\n \"%3D%25group.admin%25\";\n\n req = string(\"GET \", dir, exploit, \" HTTP/1.1\\r\\n\",\n \"Host: 209.132.180.131\\r\\n\",\n \"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\\r\\n\",\n \"Accept-Language: en-us,en;q=0.5\\r\\n\",\n \"Accept-Encoding: gzip,deflate\\r\\n\",\n \"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\\r\\n\",\n \"Keep-Alive: 300\\r\\n\",\n \"Connection: keep-alive\\r\\n\\r\\n\");\n\n resp = http_keepalive_send_recv(port:port, data:req);\n\n if (resp) {\n if (eregmatch(pattern:\"field0-0-0%3Dreporter%26type0-0-0%3Dequals%26value0-0-0%3D%25group.admin%25/i\",\n string:resp, icase:TRUE)) {\n security_message(port: port);\n exit(0);\n }\n }\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-02T21:09:50", "description": "Bugzilla is prone to the following vulnerabilities:\n\n1. A security bypass issue.\n2. Multiple information-disclosure vulnerabilities.\n3. A denial-of-service vulnerability.\n\nSuccessfully exploiting these issues may allow an attacker to\nbypass certain security restrictions, obtain sensitive information\nor cause the affected application to crash, denying service to\nlegitimate users.\n\nThe following versions are vulnerable:\n\n4.x and 3.2.x versions prior to 3.2.8,\n4.1.x and 3.4.x versions prior to 3.4.8.\n4.2.x and 3.6.x versions prior to 3.6.2.\n4.3.x versions prior to 3.7.3.", "cvss3": {}, "published": "2010-08-09T00:00:00", "type": "openvas", "title": "Bugzilla Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759"], "modified": "2017-02-10T00:00:00", "id": "OPENVAS:100749", "href": "http://plugins.openvas.org/nasl.php?oid=100749", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_bugzilla_42275.nasl 5263 2017-02-10 13:45:51Z teissa $\n#\n# Bugzilla Multiple Vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"Bugzilla is prone to the following vulnerabilities:\n\n1. A security bypass issue.\n2. Multiple information-disclosure vulnerabilities.\n3. A denial-of-service vulnerability.\n\nSuccessfully exploiting these issues may allow an attacker to\nbypass certain security restrictions, obtain sensitive information\nor cause the affected application to crash, denying service to\nlegitimate users.\n\nThe following versions are vulnerable:\n\n4.x and 3.2.x versions prior to 3.2.8,\n4.1.x and 3.4.x versions prior to 3.4.8.\n4.2.x and 3.6.x versions prior to 3.6.2.\n4.3.x versions prior to 3.7.3.\";\n\ntag_solution = \"Updates are available. Please see the references for more information.\";\n\nif (description)\n{\n script_id(100749);\n script_version(\"$Revision: 5263 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-10 14:45:51 +0100 (Fri, 10 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-09 13:36:05 +0200 (Mon, 09 Aug 2010)\");\n script_bugtraq_id(42275);\n script_cve_id(\"CVE-2010-2756\",\"CVE-2010-2757\",\"CVE-2010-2758\",\"CVE-2010-2759\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n\n script_name(\"Bugzilla Multiple Vulnerabilities\");\n\n script_xref(name : \"URL\" , value : \"https://www.securityfocus.com/bid/42275\");\n script_xref(name : \"URL\" , value : \"http://www.bugzilla.org/security/3.2.7/\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2010 Greenbone Networks GmbH\");\n script_dependencies(\"bugzilla_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"version_func.inc\");\n\nport = get_http_port(default:80);\nif(!get_port_state(port)){\n exit(0);\n}\n\nvers = get_version_from_kb(port:port, app:\"bugzilla/version\");\nif(!vers){\n exit(0);\n}\n\nif(version_in_range(version:vers, test_version: \"2\", test_version2:\"3.2.7\") ||\n version_in_range(version:vers, test_version: \"3.3\", test_version2:\"3.4.7\") ||\n version_in_range(version:vers, test_version: \"3.5\", test_version2:\"3.6.1\") ||\n version_in_range(version:vers, test_version: \"3.7\", test_version2:\"3.7.2\")){\n security_message(port:port);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:49:01", "description": "Check for the Version of bugzilla", "cvss3": {}, "published": "2010-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for bugzilla FEDORA-2010-13171", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759"], "modified": "2017-12-13T00:00:00", "id": "OPENVAS:862602", "href": "http://plugins.openvas.org/nasl.php?oid=862602", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bugzilla FEDORA-2010-13171\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bugzilla on Fedora 14\";\ntag_insight = \"Bugzilla is a popular bug tracking system used by multiple open source projects\n It requires a database engine installed - either MySQL, PostgreSQL or Oracle.\n Without one of these database engines (local or remote), Bugzilla will not work\n - see the Release Notes for details.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html\");\n script_id(862602);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-02 08:39:14 +0100 (Thu, 02 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-13171\");\n script_cve_id(\"CVE-2010-2756\", \"CVE-2010-2757\", \"CVE-2010-2758\", \"CVE-2010-2759\");\n script_name(\"Fedora Update for bugzilla FEDORA-2010-13171\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bugzilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"bugzilla\", rpm:\"bugzilla~3.6.2~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:09:59", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2010-10-10T00:00:00", "type": "openvas", "title": "FreeBSD Ports: bugzilla", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759"], "modified": "2017-02-09T00:00:00", "id": "OPENVAS:68000", "href": "http://plugins.openvas.org/nasl.php?oid=68000", "sourceData": "#\n#VID 8cbf4d65-af9a-11df-89b8-00151735203a\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 8cbf4d65-af9a-11df-89b8-00151735203a\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: bugzilla\n\nCVE-2010-2756\nSearch.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1\nthrough 3.6.1, and 3.7 through 3.7.2 allows remote attackers to\ndetermine the group memberships of arbitrary users via vectors\ninvolving the Search interface, boolean charts, and group-based\npronouns.\n\nCVE-2010-2757\nThe sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through\n3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly\nsend impersonation notifications, which makes it easier for remote\nauthenticated users to impersonate other users without discovery.\n\nCVE-2010-2758\nBugzilla 2.17.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through\n3.6.1, and 3.7 through 3.7.2 generates different error messages\ndepending on whether a product exists, which makes it easier for\nremote attackers to guess product names via unspecified use of the (1)\nReports or (2) Duplicates page.\n\nCVE-2010-2759\nBugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through\n3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not\nproperly handle large integers in (1) bug and (2) attachment phrases,\nwhich allows remote authenticated users to cause a denial of service\n(bug invisibility) via a crafted comment.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=417048\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=450013\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=577139\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=519835\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=583690\nhttp://www.vuxml.org/freebsd/8cbf4d65-af9a-11df-89b8-00151735203a.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(68000);\n script_version(\"$Revision: 5245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-09 09:57:08 +0100 (Thu, 09 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-10 19:35:00 +0200 (Sun, 10 Oct 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-2756\", \"CVE-2010-2757\", \"CVE-2010-2758\", \"CVE-2010-2759\");\n script_name(\"FreeBSD Ports: bugzilla\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"bugzilla\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.17.1\")>0 && revcomp(a:bver, b:\"3.6.2\")<0) {\n txt += 'Package bugzilla version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:13", "description": "Bugzilla is prone to the following vulnerabilities:\n\n1. A security bypass issue.\n\n2. Multiple information-disclosure vulnerabilities.\n\n3. A denial-of-service vulnerability.\n\nSuccessfully exploiting these issues may allow an attacker to bypass certain security restrictions, obtain\nsensitive information or cause the affected application to crash, denying service to legitimate users.\n\nThe following versions are vulnerable:\n\n4.x and 3.2.x versions prior to 3.2.8, 4.1.x and 3.4.x versions prior to 3.4.8, 4.2.x and 3.6.x versions prior to\n3.6.2, 4.3.x versions prior to 3.7.3.", "cvss3": {}, "published": "2010-08-09T00:00:00", "type": "openvas", "title": "Bugzilla Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759"], "modified": "2019-03-01T00:00:00", "id": "OPENVAS:1361412562310100749", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310100749", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_bugzilla_42275.nasl 13960 2019-03-01 13:18:27Z cfischer $\n#\n# Bugzilla Multiple Vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:bugzilla\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.100749\");\n script_version(\"$Revision: 13960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-01 14:18:27 +0100 (Fri, 01 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-09 13:36:05 +0200 (Mon, 09 Aug 2010)\");\n script_bugtraq_id(42275);\n script_cve_id(\"CVE-2010-2756\", \"CVE-2010-2757\", \"CVE-2010-2758\", \"CVE-2010-2759\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n\n script_name(\"Bugzilla Multiple Vulnerabilities\");\n\n script_xref(name:\"URL\", value:\"https://www.securityfocus.com/bid/42275\");\n script_xref(name:\"URL\", value:\"http://www.bugzilla.org/security/3.2.7/\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2010 Greenbone Networks GmbH\");\n script_dependencies(\"bugzilla_detect.nasl\");\n script_mandatory_keys(\"bugzilla/installed\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"Bugzilla is prone to the following vulnerabilities:\n\n1. A security bypass issue.\n\n2. Multiple information-disclosure vulnerabilities.\n\n3. A denial-of-service vulnerability.\n\nSuccessfully exploiting these issues may allow an attacker to bypass certain security restrictions, obtain\nsensitive information or cause the affected application to crash, denying service to legitimate users.\n\nThe following versions are vulnerable:\n\n4.x and 3.2.x versions prior to 3.2.8, 4.1.x and 3.4.x versions prior to 3.4.8, 4.2.x and 3.6.x versions prior to\n3.6.2, 4.3.x versions prior to 3.7.3.\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!vers = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version_in_range(version:vers, test_version: \"2\", test_version2:\"3.2.7\") ||\n version_in_range(version:vers, test_version: \"3.3\", test_version2:\"3.4.7\") ||\n version_in_range(version:vers, test_version: \"3.5\", test_version2:\"3.6.1\") ||\n version_in_range(version:vers, test_version: \"3.7\", test_version2:\"3.7.2\")){\n security_message(port:port);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:54:54", "description": "Check for the Version of bugzilla", "cvss3": {}, "published": "2010-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for bugzilla FEDORA-2010-13171", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759"], "modified": "2017-12-25T00:00:00", "id": "OPENVAS:1361412562310862602", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862602", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bugzilla FEDORA-2010-13171\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bugzilla on Fedora 14\";\ntag_insight = \"Bugzilla is a popular bug tracking system used by multiple open source projects\n It requires a database engine installed - either MySQL, PostgreSQL or Oracle.\n Without one of these database engines (local or remote), Bugzilla will not work\n - see the Release Notes for details.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862602\");\n script_version(\"$Revision: 8244 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 08:29:28 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-02 08:39:14 +0100 (Thu, 02 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-13171\");\n script_cve_id(\"CVE-2010-2756\", \"CVE-2010-2757\", \"CVE-2010-2758\", \"CVE-2010-2759\");\n script_name(\"Fedora Update for bugzilla FEDORA-2010-13171\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bugzilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"bugzilla\", rpm:\"bugzilla~3.6.2~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:05:06", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2010-10-10T00:00:00", "type": "openvas", "title": "FreeBSD Ports: bugzilla", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:136141256231068000", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068000", "sourceData": "#\n#VID 8cbf4d65-af9a-11df-89b8-00151735203a\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 8cbf4d65-af9a-11df-89b8-00151735203a\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: bugzilla\n\nCVE-2010-2756\nSearch.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1\nthrough 3.6.1, and 3.7 through 3.7.2 allows remote attackers to\ndetermine the group memberships of arbitrary users via vectors\ninvolving the Search interface, boolean charts, and group-based\npronouns.\n\nCVE-2010-2757\nThe sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through\n3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly\nsend impersonation notifications, which makes it easier for remote\nauthenticated users to impersonate other users without discovery.\n\nCVE-2010-2758\nBugzilla 2.17.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through\n3.6.1, and 3.7 through 3.7.2 generates different error messages\ndepending on whether a product exists, which makes it easier for\nremote attackers to guess product names via unspecified use of the (1)\nReports or (2) Duplicates page.\n\nCVE-2010-2759\nBugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through\n3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not\nproperly handle large integers in (1) bug and (2) attachment phrases,\nwhich allows remote authenticated users to cause a denial of service\n(bug invisibility) via a crafted comment.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=417048\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=450013\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=577139\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=519835\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=583690\nhttp://www.vuxml.org/freebsd/8cbf4d65-af9a-11df-89b8-00151735203a.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68000\");\n script_version(\"$Revision: 8440 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 08:58:46 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-10 19:35:00 +0200 (Sun, 10 Oct 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-2756\", \"CVE-2010-2757\", \"CVE-2010-2758\", \"CVE-2010-2759\");\n script_name(\"FreeBSD Ports: bugzilla\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"bugzilla\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.17.1\")>0 && revcomp(a:bver, b:\"3.6.2\")<0) {\n txt += 'Package bugzilla version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-21T11:33:03", "description": "Check for the Version of bugzilla", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for bugzilla FEDORA-2010-13086", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759", "CVE-2010-1204"], "modified": "2017-12-20T00:00:00", "id": "OPENVAS:862354", "href": "http://plugins.openvas.org/nasl.php?oid=862354", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bugzilla FEDORA-2010-13086\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bugzilla on Fedora 13\";\ntag_insight = \"Bugzilla is a popular bug tracking system used by multiple open source projects\n It requires a database engine installed - either MySQL, PostgreSQL or Oracle.\n Without one of these database engines (local or remote), Bugzilla will not work\n - see the Release Notes for details.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html\");\n script_id(862354);\n script_version(\"$Revision: 8186 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-13086\");\n script_cve_id(\"CVE-2010-1204\", \"CVE-2010-2756\", \"CVE-2010-2757\", \"CVE-2010-2758\", \"CVE-2010-2759\");\n script_name(\"Fedora Update for bugzilla FEDORA-2010-13086\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bugzilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"bugzilla\", rpm:\"bugzilla~3.4.8~2.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-19T15:05:03", "description": "Check for the Version of bugzilla", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for bugzilla FEDORA-2010-13086", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759", "CVE-2010-1204"], "modified": "2018-01-18T00:00:00", "id": "OPENVAS:1361412562310862354", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862354", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bugzilla FEDORA-2010-13086\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bugzilla on Fedora 13\";\ntag_insight = \"Bugzilla is a popular bug tracking system used by multiple open source projects\n It requires a database engine installed - either MySQL, PostgreSQL or Oracle.\n Without one of these database engines (local or remote), Bugzilla will not work\n - see the Release Notes for details.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862354\");\n script_version(\"$Revision: 8457 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 08:58:32 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-13086\");\n script_cve_id(\"CVE-2010-1204\", \"CVE-2010-2756\", \"CVE-2010-2757\", \"CVE-2010-2758\", \"CVE-2010-2759\");\n script_name(\"Fedora Update for bugzilla FEDORA-2010-13086\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bugzilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"bugzilla\", rpm:\"bugzilla~3.4.8~2.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-21T11:33:21", "description": "Check for the Version of bugzilla", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for bugzilla FEDORA-2010-13072", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759", "CVE-2009-3386", "CVE-2010-1204", "CVE-2009-3387", "CVE-2009-3989"], "modified": "2017-12-20T00:00:00", "id": "OPENVAS:862357", "href": "http://plugins.openvas.org/nasl.php?oid=862357", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bugzilla FEDORA-2010-13072\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bugzilla on Fedora 12\";\ntag_insight = \"Bugzilla is a popular bug tracking system used by multiple open source projects\n It requires a database engine installed - either MySQL, PostgreSQL or Oracle.\n Without one of these database engines (local or remote), Bugzilla will not work\n - see the Release Notes for details.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html\");\n script_id(862357);\n script_version(\"$Revision: 8186 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-13072\");\n script_cve_id(\"CVE-2010-1204\", \"CVE-2009-3989\", \"CVE-2009-3387\", \"CVE-2009-3386\", \"CVE-2010-2756\", \"CVE-2010-2757\", \"CVE-2010-2758\", \"CVE-2010-2759\");\n script_name(\"Fedora Update for bugzilla FEDORA-2010-13072\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bugzilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"bugzilla\", rpm:\"bugzilla~3.4.8~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:05:19", "description": "Check for the Version of bugzilla", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for bugzilla FEDORA-2010-13072", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759", "CVE-2009-3386", "CVE-2010-1204", "CVE-2009-3387", "CVE-2009-3989"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:1361412562310862357", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862357", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bugzilla FEDORA-2010-13072\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bugzilla on Fedora 12\";\ntag_insight = \"Bugzilla is a popular bug tracking system used by multiple open source projects\n It requires a database engine installed - either MySQL, PostgreSQL or Oracle.\n Without one of these database engines (local or remote), Bugzilla will not work\n - see the Release Notes for details.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862357\");\n script_version(\"$Revision: 8447 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:12:19 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-13072\");\n script_cve_id(\"CVE-2010-1204\", \"CVE-2009-3989\", \"CVE-2009-3387\", \"CVE-2009-3386\", \"CVE-2010-2756\", \"CVE-2010-2757\", \"CVE-2010-2758\", \"CVE-2010-2759\");\n script_name(\"Fedora Update for bugzilla FEDORA-2010-13072\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bugzilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"bugzilla\", rpm:\"bugzilla~3.4.8~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2022-01-19T16:03:50", "description": "\n\nA Bugzilla Security Advisory reports:\n\nThe following security issues have been discovered in Bugzilla:\n\nInternet Explorer 8 and older, and Safari before 5.0.6 do\n\t content sniffing when viewing a patch in \"Raw Unified\" mode,\n\t which could trigger a cross-site scripting attack due to\n\t the execution of malicious code in the attachment.\nIt is possible to determine whether or not certain group\n\t names exist while creating or updating bugs.\nAttachment descriptions with a newline in them could lead\n\t to the injection of crafted headers in email notifications sent\n\t to the requestee or the requester when editing an attachment\n\t flag.\nIf an attacker has access to a user's session, he can modify\n\t that user's email address without that user being notified\n\t of the change.\nTemporary files for uploaded attachments are not deleted\n\t on Windows, which could let a user with local access to\n\t the server read them.\nUp to Bugzilla 3.4.11, if a BUGLIST cookie is compromised,\n\t it can be used to inject HTML code when viewing a bug report,\n\t leading to a cross-site scripting attack.\n\nAll affected installations are encouraged to upgrade as soon as\n\t possible.\n\n\n", "cvss3": {}, "published": "2011-08-04T00:00:00", "type": "freebsd", "title": "bugzilla -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2379", "CVE-2011-2380", "CVE-2011-2381", "CVE-2011-2976", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2979"], "modified": "2011-08-04T00:00:00", "id": "DC8741B9-C5D5-11E0-8A8E-00151735203A", "href": "https://vuxml.freebsd.org/freebsd/dc8741b9-c5d5-11e0-8a8e-00151735203a.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-01-19T16:03:50", "description": "\n\nA Bugzilla Security Advisory reports:\n\n\nRemote Information Disclosure:\n\t An unprivileged user is normally not allowed to view\n\t other users' group membership. But boolean charts\n\t let the user use group-based pronouns, indirectly\n\t disclosing group membership. This security fix\n\t restricts the use of pronouns to groups the user\n\t belongs to.\nNotification Bypass:\n\t Normally, when a user is impersonated, he receives\n\t an email informing him that he is being impersonated,\n\t containing the identity of the impersonator. However,\n\t it was possible to impersonate a user without this\n\t notification being sent.\nRemote Information Disclosure:\n\t An error message thrown by the \"Reports\" and \"Duplicates\"\n\t page confirmed the non-existence of products, thus\n\t allowing users to guess confidential product names.\n\t (Note that the \"Duplicates\" page was not vulnerable\n\t in Bugzilla 3.6rc1 and above though.)\nDenial of Service:\n\t If a comment contained the phrases \"bug X\" or\n\t \"attachment X\", where X was an integer larger than the\n\t maximum 32-bit signed integer size, PostgreSQL would\n\t throw an error, and any page containing that comment would\n\t not be viewable. On most Bugzillas, any user can enter\n\t a comment on any bug, so any user could have used this to\n\t deny access to one or all bugs. Bugzillas running on\n\t databases other than PostgreSQL are not affected.\n\n\n\n", "cvss3": {}, "published": "2010-08-05T00:00:00", "type": "freebsd", "title": "bugzilla -- information disclosure, denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759"], "modified": "2010-08-05T00:00:00", "id": "8CBF4D65-AF9A-11DF-89B8-00151735203A", "href": "https://vuxml.freebsd.org/freebsd/8cbf4d65-af9a-11df-89b8-00151735203a.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-08-19T12:59:59", "description": "A Bugzilla Security Advisory reports :\n\nThe following security issues have been discovered in Bugzilla :\n\n- Internet Explorer 8 and older, and Safari before 5.0.6 do content sniffing when viewing a patch in 'Raw Unified' mode, which could trigger a cross-site scripting attack due to the execution of malicious code in the attachment.\n\n- It is possible to determine whether or not certain group names exist while creating or updating bugs.\n\n- Attachment descriptions with a newline in them could lead to the injection of crafted headers in email notifications sent to the requestee or the requester when editing an attachment flag.\n\n- If an attacker has access to a user's session, he can modify that user's email address without that user being notified of the change.\n\n- Temporary files for uploaded attachments are not deleted on Windows, which could let a user with local access to the server read them.\n\n- Up to Bugzilla 3.4.11, if a BUGLIST cookie is compromised, it can be used to inject HTML code when viewing a bug report, leading to a cross-site scripting attack.\n\nAll affected installations are encouraged to upgrade as soon as possible.", "cvss3": {"score": null, "vector": null}, "published": "2011-08-15T00:00:00", "type": "nessus", "title": "FreeBSD : bugzilla -- multiple vulnerabilities (dc8741b9-c5d5-11e0-8a8e-00151735203a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2379", "CVE-2011-2380", "CVE-2011-2381", "CVE-2011-2976", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2979"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:bugzilla", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_DC8741B9C5D511E08A8E00151735203A.NASL", "href": "https://www.tenable.com/plugins/nessus/55847", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55847);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2381\", \"CVE-2011-2976\", \"CVE-2011-2977\", \"CVE-2011-2978\", \"CVE-2011-2979\");\n\n script_name(english:\"FreeBSD : bugzilla -- multiple vulnerabilities (dc8741b9-c5d5-11e0-8a8e-00151735203a)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A Bugzilla Security Advisory reports :\n\nThe following security issues have been discovered in Bugzilla :\n\n- Internet Explorer 8 and older, and Safari before 5.0.6 do content\nsniffing when viewing a patch in 'Raw Unified' mode, which could\ntrigger a cross-site scripting attack due to the execution of\nmalicious code in the attachment.\n\n- It is possible to determine whether or not certain group names exist\nwhile creating or updating bugs.\n\n- Attachment descriptions with a newline in them could lead to the\ninjection of crafted headers in email notifications sent to the\nrequestee or the requester when editing an attachment flag.\n\n- If an attacker has access to a user's session, he can modify that\nuser's email address without that user being notified of the change.\n\n- Temporary files for uploaded attachments are not deleted on Windows,\nwhich could let a user with local access to the server read them.\n\n- Up to Bugzilla 3.4.11, if a BUGLIST cookie is compromised, it can be\nused to inject HTML code when viewing a bug report, leading to a\ncross-site scripting attack.\n\nAll affected installations are encouraged to upgrade as soon as\npossible.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=637981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=653477\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=674497\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=657158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=670868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=660502\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=660053\"\n );\n # https://vuxml.freebsd.org/freebsd/dc8741b9-c5d5-11e0-8a8e-00151735203a.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?65bad0b4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"bugzilla>=2.4.*<3.6.6\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"bugzilla>=4.0.*<4.0.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T14:55:35", "description": "The Bugzilla developers have discovered a number of security bugs in Bugzilla. These are CVE-2011-2379, CVE-2011-2380, CVE-2011-2979, CVE-2011-2381, CVE-2011-2978, CVE-2011-2977.\n\nThis release fixes these bugs. See http://www.bugzilla.org/security/3.4.11/ for all known details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-08-20T00:00:00", "type": "nessus", "title": "Fedora 14 : bugzilla-3.6.6-1.fc14 (2011-10413)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2379", "CVE-2011-2380", "CVE-2011-2381", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2979"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bugzilla", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-10413.NASL", "href": "https://www.tenable.com/plugins/nessus/55909", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-10413.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55909);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(49042);\n script_xref(name:\"FEDORA\", value:\"2011-10413\");\n\n script_name(english:\"Fedora 14 : bugzilla-3.6.6-1.fc14 (2011-10413)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Bugzilla developers have discovered a number of security bugs in\nBugzilla. These are CVE-2011-2379, CVE-2011-2380, CVE-2011-2979,\nCVE-2011-2381, CVE-2011-2978, CVE-2011-2977.\n\nThis release fixes these bugs. See\nhttp://www.bugzilla.org/security/3.4.11/ for all known details.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.bugzilla.org/security/3.4.11/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.bugzilla.org/security/3.4.11/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=710142\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-August/063967.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?049d35da\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bugzilla package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"bugzilla-3.6.6-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bugzilla\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:55:18", "description": "The Bugzilla developers have discovered a number of security bugs in Bugzilla. These are CVE-2011-2379, CVE-2011-2380, CVE-2011-2979, CVE-2011-2381, CVE-2011-2978, CVE-2011-2977.\n\nThis release fixes these bugs. See http://www.bugzilla.org/security/3.4.11/ for all known details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-08-20T00:00:00", "type": "nessus", "title": "Fedora 15 : bugzilla-3.6.6-1.fc15 (2011-10426)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2379", "CVE-2011-2380", "CVE-2011-2381", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2979"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bugzilla", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-10426.NASL", "href": "https://www.tenable.com/plugins/nessus/55910", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-10426.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55910);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(49042);\n script_xref(name:\"FEDORA\", value:\"2011-10426\");\n\n script_name(english:\"Fedora 15 : bugzilla-3.6.6-1.fc15 (2011-10426)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Bugzilla developers have discovered a number of security bugs in\nBugzilla. These are CVE-2011-2379, CVE-2011-2380, CVE-2011-2979,\nCVE-2011-2381, CVE-2011-2978, CVE-2011-2977.\n\nThis release fixes these bugs. See\nhttp://www.bugzilla.org/security/3.4.11/ for all known details.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.bugzilla.org/security/3.4.11/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.bugzilla.org/security/3.4.11/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=710142\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-August/063946.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b95be568\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bugzilla package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"bugzilla-3.6.6-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bugzilla\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:55:53", "description": "The Bugzilla developers have discovered a number of security bugs in Bugzilla. These are CVE-2011-2379, CVE-2011-2380, CVE-2011-2979, CVE-2011-2381, CVE-2011-2978, CVE-2011-2977.\n\nThis release fixes these bugs. See http://www.bugzilla.org/security/3.4.11/ for all known details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-08-23T00:00:00", "type": "nessus", "title": "Fedora 16 : bugzilla-4.0.2-1.fc16 (2011-10399)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2379", "CVE-2011-2380", "CVE-2011-2381", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2979"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bugzilla", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2011-10399.NASL", "href": "https://www.tenable.com/plugins/nessus/55945", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-10399.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55945);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(49042);\n script_xref(name:\"FEDORA\", value:\"2011-10399\");\n\n script_name(english:\"Fedora 16 : bugzilla-4.0.2-1.fc16 (2011-10399)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Bugzilla developers have discovered a number of security bugs in\nBugzilla. These are CVE-2011-2379, CVE-2011-2380, CVE-2011-2979,\nCVE-2011-2381, CVE-2011-2978, CVE-2011-2977.\n\nThis release fixes these bugs. See\nhttp://www.bugzilla.org/security/3.4.11/ for all known details.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.bugzilla.org/security/3.4.11/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.bugzilla.org/security/3.4.11/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=710142\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-August/064120.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7a4a0342\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bugzilla package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"bugzilla-4.0.2-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bugzilla\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:59:45", "description": "Several vulnerabilities were discovered in Bugzilla, a web-based bug tracking system.\n\n - CVE-2010-4572 By inserting particular strings into certain URLs, it was possible to inject both headers and content to any browser.\n\n - CVE-2010-4567, CVE-2011-0048 Bugzilla has a 'URL' field that can contain several types of URL, including 'javascript:' and 'data:' URLs.\n However, it does not make 'javascript:' and 'data:' URLs into clickable links, to protect against cross-site scripting attacks or other attacks. It was possible to bypass this protection by adding spaces into the URL in places that Bugzilla did not expect them. Also, 'javascript:' and'data:' links were always shown as clickable to logged-out users.\n\n - CVE-2010-4568 It was possible for a user to gain unauthorized access to any Bugzilla account in a very short amount of time (short enough that the attack is highly effective).\n\n - CVE-2011-0046 Various pages were vulnerable to Cross-Site Request Forgery attacks. Most of these issues are not as serious as previous CSRF vulnerabilities.\n\n - CVE-2011-2978 When a user changes his email address, Bugzilla trusts a user-modifiable field for obtaining the current e-mail address to send a confirmation message to. If an attacker has access to the session of another user (for example, if that user left their browser window open in a public place), the attacker could alter this field to cause the email-change notification to go to their own address. This means that the user would not be notified that his account had its email address changed by the attacker.\n\n - CVE-2011-2381 For flagmails only, attachment descriptions with a newline in them could lead to the injection of crafted headers in email notifications when an attachment flag is edited.\n\n - CVE-2011-2379 Bugzilla uses an alternate host for attachments when viewing them in raw format to prevent cross-site scripting attacks. This alternate host is now also used when viewing patches in 'Raw Unified' mode because Internet Explorer 8 and older, and Safari before 5.0.6 do content sniffing, which could lead to the execution of malicious code.\n\n - CVE-2011-2380, CVE-2011-2979 Normally, a group name is confidential and is only visible to members of the group, and to non-members if the group is used in bugs. By crafting the URL when creating or editing a bug, it was possible to guess if a group existed or not, even for groups which weren't used in bugs and so which were supposed to remain confidential.", "cvss3": {"score": null, "vector": null}, "published": "2011-10-11T00:00:00", "type": "nessus", "title": "Debian DSA-2322-1 : bugzilla - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4567", "CVE-2010-4568", "CVE-2010-4572", "CVE-2011-0046", "CVE-2011-0048", "CVE-2011-2379", "CVE-2011-2380", "CVE-2011-2381", "CVE-2011-2978", "CVE-2011-2979"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:bugzilla", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2322.NASL", "href": "https://www.tenable.com/plugins/nessus/56444", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2322. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56444);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-4567\", \"CVE-2010-4568\", \"CVE-2010-4572\", \"CVE-2011-0046\", \"CVE-2011-0048\", \"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2381\", \"CVE-2011-2978\", \"CVE-2011-2979\");\n script_bugtraq_id(45982, 49042);\n script_xref(name:\"DSA\", value:\"2322\");\n\n script_name(english:\"Debian DSA-2322-1 : bugzilla - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in Bugzilla, a web-based bug\ntracking system.\n\n - CVE-2010-4572\n By inserting particular strings into certain URLs, it\n was possible to inject both headers and content to any\n browser.\n\n - CVE-2010-4567, CVE-2011-0048\n Bugzilla has a 'URL' field that can contain several\n types of URL, including 'javascript:' and 'data:' URLs.\n However, it does not make 'javascript:' and 'data:' URLs\n into clickable links, to protect against cross-site\n scripting attacks or other attacks. It was possible to\n bypass this protection by adding spaces into the URL in\n places that Bugzilla did not expect them. Also,\n 'javascript:' and'data:' links were always shown as\n clickable to logged-out users.\n\n - CVE-2010-4568\n It was possible for a user to gain unauthorized access\n to any Bugzilla account in a very short amount of time\n (short enough that the attack is highly effective).\n\n - CVE-2011-0046\n Various pages were vulnerable to Cross-Site Request\n Forgery attacks. Most of these issues are not as serious\n as previous CSRF vulnerabilities.\n\n - CVE-2011-2978\n When a user changes his email address, Bugzilla trusts a\n user-modifiable field for obtaining the current e-mail\n address to send a confirmation message to. If an\n attacker has access to the session of another user (for\n example, if that user left their browser window open in\n a public place), the attacker could alter this field to\n cause the email-change notification to go to their own\n address. This means that the user would not be notified\n that his account had its email address changed by the\n attacker.\n\n - CVE-2011-2381\n For flagmails only, attachment descriptions with a\n newline in them could lead to the injection of crafted\n headers in email notifications when an attachment flag\n is edited.\n\n - CVE-2011-2379\n Bugzilla uses an alternate host for attachments when\n viewing them in raw format to prevent cross-site\n scripting attacks. This alternate host is now also used\n when viewing patches in 'Raw Unified' mode because\n Internet Explorer 8 and older, and Safari before 5.0.6\n do content sniffing, which could lead to the execution\n of malicious code.\n\n - CVE-2011-2380, CVE-2011-2979\n Normally, a group name is confidential and is only\n visible to members of the group, and to non-members if\n the group is used in bugs. By crafting the URL when\n creating or editing a bug, it was possible to guess if a\n group existed or not, even for groups which weren't used\n in bugs and so which were supposed to remain\n confidential.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4567\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-0048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4568\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-0046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2978\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2381\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2379\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2380\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2979\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/bugzilla\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2322\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the bugzilla packages.\n\nFor the oldstable distribution (lenny), it has not been practical to\nbackport patches to fix these bugs. Users of bugzilla on lenny are\nstrongly advised to upgrade to the version in the squeeze\ndistribution.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 3.6.2.0-4.4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/01/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"bugzilla3\", reference:\"3.6.2.0-4.4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bugzilla3-doc\", reference:\"3.6.2.0-4.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:59:52", "description": "The remote host is affected by the vulnerability described in GLSA-201110-03 (Bugzilla: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Bugzilla. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could conduct cross-site scripting attacks, conduct script insertion and spoofing attacks, hijack the authentication of arbitrary users, inject arbitrary HTTP headers, obtain access to arbitrary accounts, disclose the existence of confidential groups and its names, or inject arbitrary e-mail headers.\n A local attacker could disclose the contents of temporarfy files for uploaded attachments.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2011-10-11T00:00:00", "type": "nessus", "title": "GLSA-201110-03 : Bugzilla: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2761", "CVE-2010-3172", "CVE-2010-3764", "CVE-2010-4411", "CVE-2010-4567", "CVE-2010-4568", "CVE-2010-4569", "CVE-2010-4570", "CVE-2010-4572", "CVE-2011-0046", "CVE-2011-0048", "CVE-2011-2379", "CVE-2011-2380", "CVE-2011-2381", "CVE-2011-2976", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2979"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:bugzilla", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201110-03.NASL", "href": "https://www.tenable.com/plugins/nessus/56445", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201110-03.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56445);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-2761\", \"CVE-2010-3172\", \"CVE-2010-3764\", \"CVE-2010-4411\", \"CVE-2010-4567\", \"CVE-2010-4568\", \"CVE-2010-4569\", \"CVE-2010-4570\", \"CVE-2010-4572\", \"CVE-2011-0046\", \"CVE-2011-0048\", \"CVE-2011-2379\", \"CVE-2011-2380\", \"CVE-2011-2381\", \"CVE-2011-2976\", \"CVE-2011-2977\", \"CVE-2011-2978\", \"CVE-2011-2979\");\n script_bugtraq_id(44618, 45145, 45982, 49042);\n script_xref(name:\"GLSA\", value:\"201110-03\");\n\n script_name(english:\"GLSA-201110-03 : Bugzilla: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201110-03\n(Bugzilla: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Bugzilla. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could conduct cross-site scripting attacks, conduct\n script insertion and spoofing attacks, hijack the authentication of\n arbitrary users, inject arbitrary HTTP headers, obtain access to\n arbitrary accounts, disclose the existence of confidential groups and its\n names, or inject arbitrary e-mail headers.\n A local attacker could disclose the contents of temporarfy files for\n uploaded attachments.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201110-03\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Bugzilla users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-apps/bugzilla-3.6.6'\n NOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since August 27, 2011. It is likely that your system is already\n no longer affected by this issue.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-apps/bugzilla\", unaffected:make_list(\"ge 3.6.6\"), vulnerable:make_list(\"lt 3.6.6\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Bugzilla\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T15:20:02", "description": "The version of Bugzilla hosted on the remote web server allows an unauthenticated, remote attacker to perform a boolean chart search using the 'reporter' field set to an arbitrary group.\n\nAn attacker could leverage this issue to search for bugs that were reported by users belonging to one more groups, even though the attacker is not a member of such groups.\n\nAlthough Nessus has not checked for them, the installed version is also likely to be affected by several other vulnerabilities, including remote information disclosure, denial of service and notification bypass.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2010-08-12T00:00:00", "type": "nessus", "title": "Bugzilla 'reporter' field Information Disclosure", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2756"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:mozilla:bugzilla"], "id": "BUGZILLA_REPORTEDBY_INFO_DISCLOSURE.NASL", "href": "https://www.tenable.com/plugins/nessus/48316", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48316);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2010-2756\");\n script_bugtraq_id(42275);\n script_xref(name:\"SECUNIA\", value:\"40892\");\n\n script_name(english:\"Bugzilla 'reporter' field Information Disclosure\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A CGI script hosted on the remote web server is affected by an\ninformation disclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Bugzilla hosted on the remote web server allows an\nunauthenticated, remote attacker to perform a boolean chart search\nusing the 'reporter' field set to an arbitrary group.\n\nAn attacker could leverage this issue to search for bugs that were\nreported by users belonging to one more groups, even though the\nattacker is not a member of such groups.\n\nAlthough Nessus has not checked for them, the installed version is\nalso likely to be affected by several other vulnerabilities, including\nremote information disclosure, denial of service and notification\nbypass.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=417048\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.bugzilla.org/security/3.2.7/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Bugzilla version 3.2.8 / 3.4.8 / 3.6.2 / 3.7.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:bugzilla\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"bugzilla_detect.nasl\");\n script_require_keys(\"installed_sw/Bugzilla\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\ninclude(\"url_func.inc\");\n\napp = 'Bugzilla';\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nport = get_http_port(default:80);\n\ninstall = get_single_install(\n app_name : app,\n port : port,\n exit_if_unknown_ver : TRUE\n);\npath = install[\"path\"];\nversion = install[\"version\"];\n\nrequest = urlencode(str:'field0-0-0=reporter&type0-0-0=equals&value0-0-0=%group.admin%',case_type:HEX_UPPERCASE);\n\n # Advanced search\nexploit = 'buglist.cgi?query_format=advanced&' +\n # Get bugs from all possible status\n 'bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=RESOLVED&bug_status=VERIFIED&bug_status=CLOSED&' +\n # Now create our boolean chart search for bugs\n # ReportedBy user belonging to admin group.\n request;\n\ninstall_loc = build_url(port:port, qs:path);\nurl = install_loc + exploit;\n\nres = http_send_recv3(method:\"GET\",\n item:url,\n port:port,\n exit_on_fail:TRUE,\n add_headers: make_array(\"Cookie\",\"LANG=en\"));\n\n# If we didn't receive an error saying admin group does not exist\n# AND\n# if we were able to get search results\n\nshowbug_pat = 'href=\"show_bug.cgi\\\\?id=[0-9]+\">([0-9]+)</a>';\n\nif (\n # Pathced version results in an error.\n \"The group you specified, admin, is not valid here\" >!< res[2] &&\n '<a href=\"query.cgi?'+request >< res[2] && # if we see our query\n '<tr class=\"bz_bugitem' >< res[2] &&\n '<span class=\"bz_result_count\">' >< res[2] &&\n '<td class=\"first-child' >< res[2] &&\n egrep(pattern:'(One|[0-9]+) (bug|issue)s? found.',string:res[2]) && # We've got results.\n egrep(pattern:showbug_pat,string:res[2]) # And the links to the bugs.\n )\n{\n if (report_verbosity > 0)\n {\n report = '\\n' +\n 'Nessus was able to perform a boolean chart search for bugs\\n'+\n 'that were reported by an user belonging to the admin group \\n'+\n 'using the following URL :\\n'+\n '\\n'+\n build_url(port:port, qs:url) + '\\n';\n\n if (report_verbosity > 1)\n {\n info = '';\n max_bugs = 10;\n\n # Get individual bug listing...\n flag = 0;\n bug_count = 0;\n id = NULL;\n\n foreach line (split(res[2]))\n {\n if (bug_count >= max_bugs) break;\n\n if ('<td class=\"first-child' >< line)\n flag = 1;\n\n if (flag && preg(pattern:showbug_pat,string:line))\n {\n matches = pregmatch(pattern:showbug_pat,string:line);\n if (!isnull(matches) && matches[1])\n {\n id = matches[1];\n info += install_loc+\"show_bug.cgi?id=\"+id + '\\n';\n\n id = NULL;\n flag = 0;\n bug_count++;\n }\n }\n }\n if (info)\n report += '\\n' +\n 'Here\\'s the list of bugs (limited to '+ max_bugs+') that matched\\n'+\n 'the query : \\n\\n'+\n info;\n }\n security_warning(port:port, extra:data_protection::sanitize_user_paths(report_text:report));\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, app, install_loc, version);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T13:03:16", "description": "A Bugzilla Security Advisory reports :\n\n- Remote Information Disclosure : An unprivileged user is normally not allowed to view other users' group membership. But boolean charts let the user use group-based pronouns, indirectly disclosing group membership. This security fix restricts the use of pronouns to groups the user belongs to.\n\n- Notification Bypass : Normally, when a user is impersonated, he receives an email informing him that he is being impersonated, containing the identity of the impersonator. However, it was possible to impersonate a user without this notification being sent.\n\n- Remote Information Disclosure : An error message thrown by the 'Reports' and 'Duplicates' page confirmed the non-existence of products, thus allowing users to guess confidential product names.\n(Note that the 'Duplicates' page was not vulnerable in Bugzilla 3.6rc1 and above though.)\n\n- Denial of Service : If a comment contained the phrases 'bug X' or 'attachment X', where X was an integer larger than the maximum 32-bit signed integer size, PostgreSQL would throw an error, and any page containing that comment would not be viewable. On most Bugzillas, any user can enter a comment on any bug, so any user could have used this to deny access to one or all bugs. Bugzillas running on databases other than PostgreSQL are not affected.", "cvss3": {"score": null, "vector": null}, "published": "2010-08-25T00:00:00", "type": "nessus", "title": "FreeBSD : bugzilla -- information disclosure, denial of service (8cbf4d65-af9a-11df-89b8-00151735203a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:bugzilla", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_8CBF4D65AF9A11DF89B800151735203A.NASL", "href": "https://www.tenable.com/plugins/nessus/48427", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48427);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-2756\", \"CVE-2010-2757\", \"CVE-2010-2758\", \"CVE-2010-2759\");\n\n script_name(english:\"FreeBSD : bugzilla -- information disclosure, denial of service (8cbf4d65-af9a-11df-89b8-00151735203a)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A Bugzilla Security Advisory reports :\n\n- Remote Information Disclosure : An unprivileged user is normally not\nallowed to view other users' group membership. But boolean charts let\nthe user use group-based pronouns, indirectly disclosing group\nmembership. This security fix restricts the use of pronouns to groups\nthe user belongs to.\n\n- Notification Bypass : Normally, when a user is impersonated, he\nreceives an email informing him that he is being impersonated,\ncontaining the identity of the impersonator. However, it was possible\nto impersonate a user without this notification being sent.\n\n- Remote Information Disclosure : An error message thrown by the\n'Reports' and 'Duplicates' page confirmed the non-existence of\nproducts, thus allowing users to guess confidential product names.\n(Note that the 'Duplicates' page was not vulnerable in Bugzilla 3.6rc1\nand above though.)\n\n- Denial of Service : If a comment contained the phrases 'bug X' or\n'attachment X', where X was an integer larger than the maximum 32-bit\nsigned integer size, PostgreSQL would throw an error, and any page\ncontaining that comment would not be viewable. On most Bugzillas, any\nuser can enter a comment on any bug, so any user could have used this\nto deny access to one or all bugs. Bugzillas running on databases\nother than PostgreSQL are not affected.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=417048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=450013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=577139\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=519835\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=583690\"\n );\n # https://vuxml.freebsd.org/freebsd/8cbf4d65-af9a-11df-89b8-00151735203a.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b09ec7d8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"bugzilla>2.17.1<3.6.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:03:07", "description": "The remote web server is hosting Bugzilla, a web-based bug tracking application. \n\nVersions of Bugzilla 3.2.x earlier than 3.2.8, 3.4.x earlier than 3.4.8, 3.6.x earlier than 3.6.2, and 3.7.x earlier than 3.7.3 are potentially affected by multiple vulnerabilities :\n\n - It is possible to (at least partially) determine the membership of any group using the Search interface. (CVE-2010-2756).\n\n - It is possible to use the 'sudo' feature without sending a notification to the user being impersonated. (CVE-2010-2757)\n\n - The 'Reports' and 'Duplicates' pages let you guess the name of products you can't see, due to the error message that is thrown. (CVE-2010-2758)\n\n - For installations using PostgreSQL, specifying \"bug X\" or \"Attachment X\" in a comment can deny access to the bug if X is larger than the maximum 32-bit signed integer size. (CVE-2010-2759)", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}, "published": "2010-08-13T00:00:00", "type": "nessus", "title": "Bugzilla < 3.2.8 / 3.4.8 / 3.6.2 / 3.7.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759", "CVE-2010-2756"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:mozilla:bugzilla:*:*:*:*:*:*:*:*"], "id": "5627.PRM", "href": "https://www.tenable.com/plugins/nnm/5627", "sourceData": "Binary data 5627.prm", "cvss": {"score": 6.4, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-08-19T13:03:24", "description": "- Bug #623423 - CVE-2010-2756 CVE-2010-2757 CVE-2010-2758 CVE-2010-2759 bugzilla: multiple vulnerabilities corrected in 3.4.8/3.6.2\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-08-27T00:00:00", "type": "nessus", "title": "Fedora 14 : bugzilla-3.6.2-1.fc14 (2010-13171)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bugzilla", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2010-13171.NASL", "href": "https://www.tenable.com/plugins/nessus/48897", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-13171.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48897);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-2756\", \"CVE-2010-2757\", \"CVE-2010-2758\", \"CVE-2010-2759\");\n script_bugtraq_id(42275);\n script_xref(name:\"FEDORA\", value:\"2010-13171\");\n\n script_name(english:\"Fedora 14 : bugzilla-3.6.2-1.fc14 (2010-13171)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Bug #623423 - CVE-2010-2756 CVE-2010-2757 CVE-2010-2758\n CVE-2010-2759 bugzilla: multiple vulnerabilities\n corrected in 3.4.8/3.6.2\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=623423\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?98a64779\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bugzilla package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"bugzilla-3.6.2-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bugzilla\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:23:08", "description": "- Thu Aug 19 2010 Emmanuel Seyman <emmanuel.seyman at club-internet.fr> - 3.4.8-2\n\n - Bump to correct changelog version\n\n - Wed Aug 18 2010 Emmanuel Seyman <emmanuel.seyman at club-internet.fr> - 3.4.8-1\n\n - Update to 3.4.8 (#623426, #615331)\n\n - Only run checksetup if /etc/bugzilla/localconfig does not exist (#610210)\n\n - Add bugzilla-contrib to Requires (#610198)\n\n - Wed Jun 30 2010 Emmanuel Seyman <emmanuel.seyman at club-internet.fr> - 3.4.7-2\n\n - Remove mod_perl from the requirements (#600924)\n\n - Fri Jun 25 2010 Emmanuel Seyman <emmanuel.seyman at club-internet.fr> - 3.4.7-1\n\n - Update to 3.4.7 (CVE-2010-1204)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-08-29T00:00:00", "type": "nessus", "title": "Fedora 13 : bugzilla-3.4.8-2.fc13 (2010-13086)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1204", "CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bugzilla", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2010-13086.NASL", "href": "https://www.tenable.com/plugins/nessus/48914", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-13086.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48914);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-2756\", \"CVE-2010-2757\", \"CVE-2010-2758\", \"CVE-2010-2759\");\n script_bugtraq_id(42275);\n script_xref(name:\"FEDORA\", value:\"2010-13086\");\n\n script_name(english:\"Fedora 13 : bugzilla-3.4.8-2.fc13 (2010-13086)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Thu Aug 19 2010 Emmanuel Seyman <emmanuel.seyman at\n club-internet.fr> - 3.4.8-2\n\n - Bump to correct changelog version\n\n - Wed Aug 18 2010 Emmanuel Seyman <emmanuel.seyman at\n club-internet.fr> - 3.4.8-1\n\n - Update to 3.4.8 (#623426, #615331)\n\n - Only run checksetup if /etc/bugzilla/localconfig does\n not exist (#610210)\n\n - Add bugzilla-contrib to Requires (#610198)\n\n - Wed Jun 30 2010 Emmanuel Seyman <emmanuel.seyman at\n club-internet.fr> - 3.4.7-2\n\n - Remove mod_perl from the requirements (#600924)\n\n - Fri Jun 25 2010 Emmanuel Seyman <emmanuel.seyman at\n club-internet.fr> - 3.4.7-1\n\n - Update to 3.4.7 (CVE-2010-1204)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=623423\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f3d55946\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bugzilla package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"bugzilla-3.4.8-2.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bugzilla\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:24:35", "description": "- Thu Aug 19 2010 Emmanuel Seyman <emmanuel.seyman at club-internet.fr> - 3.4.8-1\n\n - Update to 3.4.8 (#623426, #615331)\n\n - Only run checksetup if /etc/bugzilla/localconfig does not exist (#610210)\n\n - Add bugzilla-contrib to Requires (#610198)\n\n - Remove mod_perl from the requirements (#600924)\n\n - Fri Jun 25 2010 Emmanuel Seyman <emmanuel.seyman at club-internet.fr> - 3.4.7-1\n\n - Update to 3.4.7 (CVE-2010-1204)\n\n - Mon Feb 1 2010 Emmanuel Seyman <emmanuel.seyman at club-internet.fr> - 3.4.5-1\n\n - Update to 3.4.5 (CVE-2009-3989, CVE-2009-3387)\n\n - Remove bugzilla-EL5-perl-versions.patch which is EPEL-specific\n\n - Thu Nov 19 2009 Emmanuel Seyman <emmanuel.seyman at club-internet.fr> - 3.4.4-1\n\n - Update to 3.4.4 (CVE-2009-3386)\n\n - Wed Nov 11 2009 Emmanuel Seyman <emmanuel.seyman at club-internet.fr> - 3.4.3-1\n\n - Update to 3.4.3 (fixes memory leak issues)\n\n - Add perl(Digest::SHA) in the Requires\n\n - Specify Perl module versions in the Requires (fixes #524309)\n\n - Add an alias to make $webdotdir a working path (fixes #458848)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-08-29T00:00:00", "type": "nessus", "title": "Fedora 12 : bugzilla-3.4.8-1.fc12 (2010-13072)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3386", "CVE-2009-3387", "CVE-2009-3989", "CVE-2010-1204", "CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758", "CVE-2010-2759"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bugzilla", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-13072.NASL", "href": "https://www.tenable.com/plugins/nessus/48913", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-13072.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48913);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-2756\", \"CVE-2010-2757\", \"CVE-2010-2758\", \"CVE-2010-2759\");\n script_bugtraq_id(42275);\n script_xref(name:\"FEDORA\", value:\"2010-13072\");\n\n script_name(english:\"Fedora 12 : bugzilla-3.4.8-1.fc12 (2010-13072)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Thu Aug 19 2010 Emmanuel Seyman <emmanuel.seyman at\n club-internet.fr> - 3.4.8-1\n\n - Update to 3.4.8 (#623426, #615331)\n\n - Only run checksetup if /etc/bugzilla/localconfig does\n not exist (#610210)\n\n - Add bugzilla-contrib to Requires (#610198)\n\n - Remove mod_perl from the requirements (#600924)\n\n - Fri Jun 25 2010 Emmanuel Seyman <emmanuel.seyman at\n club-internet.fr> - 3.4.7-1\n\n - Update to 3.4.7 (CVE-2010-1204)\n\n - Mon Feb 1 2010 Emmanuel Seyman <emmanuel.seyman at\n club-internet.fr> - 3.4.5-1\n\n - Update to 3.4.5 (CVE-2009-3989, CVE-2009-3387)\n\n - Remove bugzilla-EL5-perl-versions.patch which is\n EPEL-specific\n\n - Thu Nov 19 2009 Emmanuel Seyman <emmanuel.seyman at\n club-internet.fr> - 3.4.4-1\n\n - Update to 3.4.4 (CVE-2009-3386)\n\n - Wed Nov 11 2009 Emmanuel Seyman <emmanuel.seyman at\n club-internet.fr> - 3.4.3-1\n\n - Update to 3.4.3 (fixes memory leak issues)\n\n - Add perl(Digest::SHA) in the Requires\n\n - Specify Perl module versions in the Requires (fixes\n #524309)\n\n - Add an alias to make $webdotdir a working path (fixes\n #458848)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=623423\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?48035cf2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bugzilla package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"bugzilla-3.4.8-1.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bugzilla\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "description": "Bugzilla is a popular bug tracking system used by multiple open source proj ects It requires a database engine installed - either MySQL, PostgreSQL or Oracl e. Without one of these database engines (local or remote), Bugzilla will not work - see the Release Notes for details. ", "edition": 2, "cvss3": {}, "published": "2011-08-19T21:56:52", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: bugzilla-3.6.6-1.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2379", "CVE-2011-2380", "CVE-2011-2381", "CVE-2011-2977", "CVE-2011-2979"], "modified": "2011-08-19T21:56:52", "id": "FEDORA:9C413110733", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Bugzilla is a popular bug tracking system used by multiple open source proj ects It requires a database engine installed - either MySQL, PostgreSQL or Oracl e. Without one of these database engines (local or remote), Bugzilla will not work - see the Release Notes for details. ", "edition": 2, "cvss3": {}, "published": "2011-08-22T15:04:40", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: bugzilla-4.0.2-1.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2379", "CVE-2011-2380", "CVE-2011-2381", "CVE-2011-2977", "CVE-2011-2979"], "modified": "2011-08-22T15:04:40", "id": "FEDORA:1765F110D43", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Bugzilla is a popular bug tracking system used by multiple open source proj ects It requires a database engine installed - either MySQL, PostgreSQL or Oracl e. Without one of these database engines (local or remote), Bugzilla will not work - see the Release Notes for details. ", "edition": 2, "cvss3": {}, "published": "2011-08-19T22:00:40", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: bugzilla-3.6.6-1.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2379", "CVE-2011-2380", "CVE-2011-2381", "CVE-2011-2977", "CVE-2011-2979"], "modified": "2011-08-19T22:00:40", "id": "FEDORA:CC354110C45", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Bugzilla is a popular bug tracking system used by multiple open source proj ects It requires a database engine installed - either MySQL, PostgreSQL or Oracl e. Without one of these database engines (local or remote), Bugzilla will not work - see the Release Notes for details. ", "edition": 2, "cvss3": {}, "published": "2010-08-27T03:07:40", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: bugzilla-3.6.2-1.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758"], "modified": "2010-08-27T03:07:40", "id": "FEDORA:7FABF11061C", "href": "", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Bugzilla is a popular bug tracking system used by multiple open source proj ects It requires a database engine installed - either MySQL, PostgreSQL or Oracl e. Without one of these database engines (local or remote), Bugzilla will not work - see the Release Notes for details. ", "edition": 2, "cvss3": {}, "published": "2010-08-27T06:55:20", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: bugzilla-3.4.8-2.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1204", "CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758"], "modified": "2010-08-27T06:55:20", "id": "FEDORA:3374710F8DE", "href": "", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Bugzilla is a popular bug tracking system used by multiple open source proj ects It requires a database engine installed - either MySQL, PostgreSQL or Oracl e. Without one of these database engines (local or remote), Bugzilla will not work - see the Release Notes for details. ", "edition": 2, "cvss3": {}, "published": "2010-08-27T06:52:18", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: bugzilla-3.4.8-1.fc12", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3386", "CVE-2009-3387", "CVE-2009-3989", "CVE-2010-1204", "CVE-2010-2756", "CVE-2010-2757", "CVE-2010-2758"], "modified": "2010-08-27T06:52:18", "id": "FEDORA:C582F10F8DE", "href": "", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T12:19:42", "description": "Bugzilla 4.1.x before 4.1.3 generates different responses for certain assignee queries depending on whether the group name is valid, which allows remote attackers to determine the existence of private group names via a custom search. NOTE: this vulnerability exists because of a CVE-2010-2756 regression.", "cvss3": {}, "published": "2011-08-09T19:55:00", "type": "cve", "title": "CVE-2011-2979", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2756", "CVE-2011-2979"], "modified": "2017-08-29T01:29:00", "cpe": ["cpe:/a:mozilla:bugzilla:4.1.1", "cpe:/a:mozilla:bugzilla:4.1.2", "cpe:/a:mozilla:bugzilla:4.1"], "id": "CVE-2011-2979", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2979", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:bugzilla:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:38", "description": "Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, and 3.4.x before 3.4.12 allows remote attackers to inject arbitrary web script or HTML via vectors involving a BUGLIST cookie.", "cvss3": {}, "published": "2011-08-09T19:55:00", "type": "cve", "title": "CVE-2011-2976", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2976"], "modified": "2017-08-29T01:29:00", "cpe": ["cpe:/a:mozilla:bugzilla:3.4.5", "cpe:/a:mozilla:bugzilla:3.3.3", "cpe:/a:mozilla:bugzilla:2.22.6", "cpe:/a:mozilla:bugzilla:2.16.3", "cpe:/a:mozilla:bugzilla:2.16.2", "cpe:/a:mozilla:bugzilla:2.17.5", "cpe:/a:mozilla:bugzilla:3.4.8", "cpe:/a:mozilla:bugzilla:3.0.11", "cpe:/a:mozilla:bugzilla:2.21.1", "cpe:/a:mozilla:bugzilla:2.16.6", "cpe:/a:mozilla:bugzilla:2.16.5", "cpe:/a:mozilla:bugzilla:3.1.0", "cpe:/a:mozilla:bugzilla:3.0.9", "cpe:/a:mozilla:bugzilla:2.17.4", "cpe:/a:mozilla:bugzilla:3.2.2", "cpe:/a:mozilla:bugzilla:2.22", "cpe:/a:mozilla:bugzilla:3.2.7", "cpe:/a:mozilla:bugzilla:2.16", "cpe:/a:mozilla:bugzilla:2.17.6", "cpe:/a:mozilla:bugzilla:3.0.4", "cpe:/a:mozilla:bugzilla:2.22.7", "cpe:/a:mozilla:bugzilla:2.16.1", "cpe:/a:mozilla:bugzilla:2.18", "cpe:/a:mozilla:bugzilla:3.4.1", "cpe:/a:mozilla:bugzilla:3.3.2", "cpe:/a:mozilla:bugzilla:2.20.1", "cpe:/a:mozilla:bugzilla:2.19.3", "cpe:/a:mozilla:bugzilla:3.4.2", "cpe:/a:mozilla:bugzilla:2.20.6", "cpe:/a:mozilla:bugzilla:3.0.8", "cpe:/a:mozilla:bugzilla:2.17.1", "cpe:/a:mozilla:bugzilla:2.18.3", "cpe:/a:mozilla:bugzilla:2.21", "cpe:/a:mozilla:bugzilla:3.2.9", "cpe:/a:mozilla:bugzilla:2.17.3", "cpe:/a:mozilla:bugzilla:2.17", "cpe:/a:mozilla:bugzilla:3.1.2", "cpe:/a:mozilla:bugzilla:3.0.7", "cpe:/a:mozilla:bugzilla:3.1.4", "cpe:/a:mozilla:bugzilla:2.16.11", "cpe:/a:mozilla:bugzilla:3.1.1", "cpe:/a:mozilla:bugzilla:2.22.2", "cpe:/a:mozilla:bugzilla:2.16.4", "cpe:/a:mozilla:bugzilla:3.4.9", "cpe:/a:mozilla:bugzilla:2.16.8", "cpe:/a:mozilla:bugzilla:2.18.2", "cpe:/a:mozilla:bugzilla:3.1.3", "cpe:/a:mozilla:bugzilla:3.4", "cpe:/a:mozilla:bugzilla:2.20.7", "cpe:/a:mozilla:bugzilla:2.22.3", "cpe:/a:mozilla:bugzilla:3.2.3", "cpe:/a:mozilla:bugzilla:3.3.1", "cpe:/a:mozilla:bugzilla:2.19.1", "cpe:/a:mozilla:bugzilla:3.0.5", "cpe:/a:mozilla:bugzilla:2.16.9", "cpe:/a:mozilla:bugzilla:2.19.2", "cpe:/a:mozilla:bugzilla:3.2.8", "cpe:/a:mozilla:bugzilla:2.22.1", "cpe:/a:mozilla:bugzilla:3.0.0", "cpe:/a:mozilla:bugzilla:2.18.4", "cpe:/a:mozilla:bugzilla:2.21.2", "cpe:/a:mozilla:bugzilla:3.0", "cpe:/a:mozilla:bugzilla:2.20.3", "cpe:/a:mozilla:bugzilla:3.2.6", "cpe:/a:mozilla:bugzilla:3.4.7", "cpe:/a:mozilla:bugzilla:3.2", "cpe:/a:mozilla:bugzilla:2.19", "cpe:/a:mozilla:bugzilla:3.3.4", "cpe:/a:mozilla:bugzilla:3.2.1", "cpe:/a:mozilla:bugzilla:3.3", "cpe:/a:mozilla:bugzilla:2.20.2", "cpe:/a:mozilla:bugzilla:2.20.4", "cpe:/a:mozilla:bugzilla:3.0.3", "cpe:/a:mozilla:bugzilla:2.16.10", "cpe:/a:mozilla:bugzilla:2.20", "cpe:/a:mozilla:bugzilla:3.2.4", "cpe:/a:mozilla:bugzilla:2.22.4", "cpe:/a:mozilla:bugzilla:2.16.7", "cpe:/a:mozilla:bugzilla:3.0.1", "cpe:/a:mozilla:bugzilla:2.22.5", "cpe:/a:mozilla:bugzilla:3.4.6", "cpe:/a:mozilla:bugzilla:3.2.5", "cpe:/a:mozilla:bugzilla:3.4.3", "cpe:/a:mozilla:bugzilla:3.4.4", "cpe:/a:mozilla:bugzilla:2.20.5", "cpe:/a:mozilla:bugzilla:2.17.7", "cpe:/a:mozilla:bugzilla:3.2.10", "cpe:/a:mozilla:bugzilla:3.0.6", "cpe:/a:mozilla:bugzilla:3.0.10", "cpe:/a:mozilla:bugzilla:3.0.2", "cpe:/a:mozilla:bugzilla:2.18.5", "cpe:/a:mozilla:bugzilla:3.4.10", "cpe:/a:mozilla:bugzilla:2.18.6", "cpe:/a:mozilla:bugzilla:3.4.11", "cpe:/a:mozilla:bugzilla:2.18.1"], "id": "CVE-2011-2976", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2976", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:bugzilla:2.17.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.21.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.21:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.21.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:rc3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:rc2:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:09:29", "description": "CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to inject arbitrary e-mail headers via an attachment description in a flagmail notification.", "cvss3": {}, "published": "2011-08-09T19:55:00", "type": "cve", "title": "CVE-2011-2381", "cwe": ["CWE-94"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2381"], "modified": "2017-08-29T01:29:00", "cpe": ["cpe:/a:mozilla:bugzilla:3.5.2", "cpe:/a:mozilla:bugzilla:3.4.5", "cpe:/a:mozilla:bugzilla:3.3.3", "cpe:/a:mozilla:bugzilla:2.22.6", "cpe:/a:mozilla:bugzilla:2.17.5", "cpe:/a:mozilla:bugzilla:3.4.8", "cpe:/a:mozilla:bugzilla:3.0.11", "cpe:/a:mozilla:bugzilla:2.21.1", "cpe:/a:mozilla:bugzilla:3.1.0", "cpe:/a:mozilla:bugzilla:3.0.9", "cpe:/a:mozilla:bugzilla:2.17.4", "cpe:/a:mozilla:bugzilla:3.2.2", "cpe:/a:mozilla:bugzilla:4.0.1", "cpe:/a:mozilla:bugzilla:2.22", "cpe:/a:mozilla:bugzilla:3.2.7", "cpe:/a:mozilla:bugzilla:3.7.1", "cpe:/a:mozilla:bugzilla:2.17.6", "cpe:/a:mozilla:bugzilla:3.5.3", "cpe:/a:mozilla:bugzilla:3.0.4", "cpe:/a:mozilla:bugzilla:2.22.7", "cpe:/a:mozilla:bugzilla:3.6.2", "cpe:/a:mozilla:bugzilla:2.18", "cpe:/a:mozilla:bugzilla:3.4.1", "cpe:/a:mozilla:bugzilla:3.7.3", "cpe:/a:mozilla:bugzilla:2.20.1", "cpe:/a:mozilla:bugzilla:3.3.2", "cpe:/a:mozilla:bugzilla:3.6.1", "cpe:/a:mozilla:bugzilla:2.19.3", "cpe:/a:mozilla:bugzilla:3.4.2", "cpe:/a:mozilla:bugzilla:2.20.6", "cpe:/a:mozilla:bugzilla:3.0.8", "cpe:/a:mozilla:bugzilla:2.17.1", "cpe:/a:mozilla:bugzilla:2.18.3", "cpe:/a:mozilla:bugzilla:2.21", "cpe:/a:mozilla:bugzilla:3.2.9", "cpe:/a:mozilla:bugzilla:2.17.3", "cpe:/a:mozilla:bugzilla:3.1.2", "cpe:/a:mozilla:bugzilla:3.0.7", "cpe:/a:mozilla:bugzilla:3.5.1", "cpe:/a:mozilla:bugzilla:3.1.4", "cpe:/a:mozilla:bugzilla:3.4.9", "cpe:/a:mozilla:bugzilla:3.1.1", "cpe:/a:mozilla:bugzilla:2.22.2", "cpe:/a:mozilla:bugzilla:2.18.2", "cpe:/a:mozilla:bugzilla:3.1.3", "cpe:/a:mozilla:bugzilla:3.4", "cpe:/a:mozilla:bugzilla:2.20.7", "cpe:/a:mozilla:bugzilla:4.1", "cpe:/a:mozilla:bugzilla:2.22.3", "cpe:/a:mozilla:bugzilla:3.2.3", "cpe:/a:mozilla:bugzilla:3.3.1", "cpe:/a:mozilla:bugzilla:2.19.1", "cpe:/a:mozilla:bugzilla:3.0.5", "cpe:/a:mozilla:bugzilla:4.1.1", "cpe:/a:mozilla:bugzilla:3.2.8", "cpe:/a:mozilla:bugzilla:2.19.2", "cpe:/a:mozilla:bugzilla:2.22.1", "cpe:/a:mozilla:bugzilla:3.0.0", "cpe:/a:mozilla:bugzilla:2.18.4", "cpe:/a:mozilla:bugzilla:2.21.2", "cpe:/a:mozilla:bugzilla:3.0", "cpe:/a:mozilla:bugzilla:2.20.3", "cpe:/a:mozilla:bugzilla:3.2.6", "cpe:/a:mozilla:bugzilla:3.4.7", "cpe:/a:mozilla:bugzilla:3.6.3", "cpe:/a:mozilla:bugzilla:3.2", "cpe:/a:mozilla:bugzilla:2.19", "cpe:/a:mozilla:bugzilla:3.7.2", "cpe:/a:mozilla:bugzilla:3.3.4", "cpe:/a:mozilla:bugzilla:3.6.0", "cpe:/a:mozilla:bugzilla:3.2.1", "cpe:/a:mozilla:bugzilla:3.3", "cpe:/a:mozilla:bugzilla:2.20.2", "cpe:/a:mozilla:bugzilla:2.20.4", "cpe:/a:mozilla:bugzilla:3.0.3", "cpe:/a:mozilla:bugzilla:2.20", "cpe:/a:mozilla:bugzilla:4.0", "cpe:/a:mozilla:bugzilla:3.2.4", "cpe:/a:mozilla:bugzilla:2.22.4", "cpe:/a:mozilla:bugzilla:3.0.1", "cpe:/a:mozilla:bugzilla:2.22.5", "cpe:/a:mozilla:bugzilla:3.4.6", "cpe:/a:mozilla:bugzilla:3.2.5", "cpe:/a:mozilla:bugzilla:3.6.4", "cpe:/a:mozilla:bugzilla:3.4.3", "cpe:/a:mozilla:bugzilla:3.4.4", "cpe:/a:mozilla:bugzilla:4.1.2", "cpe:/a:mozilla:bugzilla:2.20.5", "cpe:/a:mozilla:bugzilla:2.17.7", "cpe:/a:mozilla:bugzilla:3.0.6", "cpe:/a:mozilla:bugzilla:3.2.10", "cpe:/a:mozilla:bugzilla:3.0.10", "cpe:/a:mozilla:bugzilla:3.5", "cpe:/a:mozilla:bugzilla:3.7", "cpe:/a:mozilla:bugzilla:3.0.2", "cpe:/a:mozilla:bugzilla:3.6.5", "cpe:/a:mozilla:bugzilla:2.18.5", "cpe:/a:mozilla:bugzilla:3.4.10", "cpe:/a:mozilla:bugzilla:2.18.6", "cpe:/a:mozilla:bugzilla:3.6", "cpe:/a:mozilla:bugzilla:3.4.11", "cpe:/a:mozilla:bugzilla:2.18.1"], "id": "CVE-2011-2381", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2381", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:bugzilla:2.17.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.21.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.21:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.21.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:rc3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:09:27", "description": "Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to determine the existence of private group names via a crafted parameter during (1) bug creation or (2) bug editing.", "cvss3": {}, "published": "2011-08-09T19:55:00", "type": "cve", "title": "CVE-2011-2380", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2380"], "modified": "2017-08-29T01:29:00", "cpe": ["cpe:/a:mozilla:bugzilla:3.5.2", "cpe:/a:mozilla:bugzilla:2.23.3", "cpe:/a:mozilla:bugzilla:3.4.5", "cpe:/a:mozilla:bugzilla:3.6.1", "cpe:/a:mozilla:bugzilla:3.0.5", "cpe:/a:mozilla:bugzilla:3.4.2", "cpe:/a:mozilla:bugzilla:4.1.1", "cpe:/a:mozilla:bugzilla:3.6.4", "cpe:/a:mozilla:bugzilla:3.2.5", "cpe:/a:mozilla:bugzilla:3.4.3", "cpe:/a:mozilla:bugzilla:3.2.8", "cpe:/a:mozilla:bugzilla:3.3.3", "cpe:/a:mozilla:bugzilla:3.4.8", "cpe:/a:mozilla:bugzilla:2.23.2", "cpe:/a:mozilla:bugzilla:3.4.4", "cpe:/a:mozilla:bugzilla:4.1.2", "cpe:/a:mozilla:bugzilla:3.0.8", "cpe:/a:mozilla:bugzilla:3.0.11", "cpe:/a:mozilla:bugzilla:3.0.0", "cpe:/a:mozilla:bugzilla:3.2.10", "cpe:/a:mozilla:bugzilla:3.0.6", "cpe:/a:mozilla:bugzilla:3.2.9", "cpe:/a:mozilla:bugzilla:3.0", "cpe:/a:mozilla:bugzilla:3.1.0", "cpe:/a:mozilla:bugzilla:3.1.2", "cpe:/a:mozilla:bugzilla:3.4.7", "cpe:/a:mozilla:bugzilla:3.5", "cpe:/a:mozilla:bugzilla:3.6.3", "cpe:/a:mozilla:bugzilla:3.0.10", "cpe:/a:mozilla:bugzilla:3.2", "cpe:/a:mozilla:bugzilla:3.0.9", "cpe:/a:mozilla:bugzilla:3.2.6", "cpe:/a:mozilla:bugzilla:3.7", "cpe:/a:mozilla:bugzilla:3.7.2", "cpe:/a:mozilla:bugzilla:3.3.4", "cpe:/a:mozilla:bugzilla:3.0.7", "cpe:/a:mozilla:bugzilla:3.0.2", "cpe:/a:mozilla:bugzilla:3.6.0", "cpe:/a:mozilla:bugzilla:3.2.1", "cpe:/a:mozilla:bugzilla:3.5.1", "cpe:/a:mozilla:bugzilla:3.6.5", "cpe:/a:mozilla:bugzilla:4.0.1", "cpe:/a:mozilla:bugzilla:3.1.4", "cpe:/a:mozilla:bugzilla:3.2.2", "cpe:/a:mozilla:bugzilla:3.2.7", "cpe:/a:mozilla:bugzilla:3.7.1", "cpe:/a:mozilla:bugzilla:3.4.9", "cpe:/a:mozilla:bugzilla:3.5.3", "cpe:/a:mozilla:bugzilla:3.1.1", "cpe:/a:mozilla:bugzilla:3.4.10", "cpe:/a:mozilla:bugzilla:3.0.3", "cpe:/a:mozilla:bugzilla:3.0.4", "cpe:/a:mozilla:bugzilla:3.1.3", "cpe:/a:mozilla:bugzilla:2.22.7", "cpe:/a:mozilla:bugzilla:3.4", "cpe:/a:mozilla:bugzilla:4.1", "cpe:/a:mozilla:bugzilla:2.23", "cpe:/a:mozilla:bugzilla:4.0", "cpe:/a:mozilla:bugzilla:3.6.2", "cpe:/a:mozilla:bugzilla:3.4.11", "cpe:/a:mozilla:bugzilla:3.6", "cpe:/a:mozilla:bugzilla:3.4.1", "cpe:/a:mozilla:bugzilla:3.7.3", "cpe:/a:mozilla:bugzilla:3.2.4", "cpe:/a:mozilla:bugzilla:3.2.3", "cpe:/a:mozilla:bugzilla:3.3.1", "cpe:/a:mozilla:bugzilla:3.0.1", "cpe:/a:mozilla:bugzilla:2.23.1", "cpe:/a:mozilla:bugzilla:3.4.6", "cpe:/a:mozilla:bugzilla:3.3.2"], "id": "CVE-2011-2380", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2380", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:bugzilla:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.23.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.23.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.23:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.23.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:39", "description": "Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. NOTE: this issue exists because of a regression in 3.6.", "cvss3": {}, "published": "2011-08-09T19:55:00", "type": "cve", "title": "CVE-2011-2977", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2977"], "modified": "2017-08-29T01:29:00", "cpe": ["cpe:/a:mozilla:bugzilla:3.6.1", "cpe:/a:mozilla:bugzilla:3.6.5", "cpe:/a:mozilla:bugzilla:4.0.1", "cpe:/a:mozilla:bugzilla:4.1.1", "cpe:/a:mozilla:bugzilla:3.6.4", "cpe:/a:mozilla:bugzilla:3.7.1", "cpe:/a:mozilla:bugzilla:4.0", "cpe:/a:mozilla:bugzilla:3.6.2", "cpe:/a:mozilla:bugzilla:3.7.2", "cpe:/a:mozilla:bugzilla:3.7.3", "cpe:/a:mozilla:bugzilla:3.6.3", "cpe:/a:mozilla:bugzilla:4.1.2", "cpe:/a:mozilla:bugzilla:3.7", "cpe:/a:mozilla:bugzilla:3.6.0", "cpe:/a:mozilla:bugzilla:4.1"], "id": "CVE-2011-2977", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2977", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:bugzilla:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:09:26", "description": "Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when Internet Explorer before 9 or Safari before 5.0.6 is used for Raw Unified mode, allows remote attackers to inject arbitrary web script or HTML via a crafted patch, related to content sniffing.", "cvss3": {}, "published": "2011-08-09T19:55:00", "type": "cve", "title": "CVE-2011-2379", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2379"], "modified": "2021-07-23T15:12:00", "cpe": ["cpe:/a:mozilla:bugzilla:3.5.2", "cpe:/a:mozilla:bugzilla:3.4.5", "cpe:/a:mozilla:bugzilla:3.3.3", "cpe:/a:mozilla:bugzilla:2.22.6", "cpe:/a:mozilla:bugzilla:2.16.3", "cpe:/a:mozilla:bugzilla:2.16.2", "cpe:/a:mozilla:bugzilla:3.4.8", "cpe:/a:mozilla:bugzilla:2.17.5", "cpe:/a:mozilla:bugzilla:3.0.11", "cpe:/a:mozilla:bugzilla:2.12", "cpe:/a:mozilla:bugzilla:2.21.1", "cpe:/a:mozilla:bugzilla:2.16.6", "cpe:/a:mozilla:bugzilla:2.16.5", "cpe:/a:mozilla:bugzilla:3.0.9", "cpe:/a:mozilla:bugzilla:2.17.4", "cpe:/a:mozilla:bugzilla:3.2.2", "cpe:/a:mozilla:bugzilla:4.0.1", "cpe:/a:mozilla:bugzilla:2.22", "cpe:/a:mozilla:bugzilla:3.2.7", "cpe:/a:mozilla:bugzilla:2.16", "cpe:/a:mozilla:bugzilla:3.7.1", "cpe:/a:mozilla:bugzilla:2.17.6", "cpe:/a:mozilla:bugzilla:3.5.3", "cpe:/a:mozilla:bugzilla:3.0.4", "cpe:/a:mozilla:bugzilla:2.22.7", "cpe:/a:mozilla:bugzilla:2.16.1", "cpe:/a:mozilla:bugzilla:3.6.2", "cpe:/a:mozilla:bugzilla:2.18", "cpe:/a:mozilla:bugzilla:3.4.1", "cpe:/a:mozilla:bugzilla:2.14.2", "cpe:/a:mozilla:bugzilla:3.7.3", "cpe:/a:mozilla:bugzilla:2.20.1", "cpe:/a:mozilla:bugzilla:3.3.2", "cpe:/a:mozilla:bugzilla:3.6.1", "cpe:/a:mozilla:bugzilla:2.19.3", "cpe:/a:mozilla:bugzilla:3.4.2", "cpe:/a:mozilla:bugzilla:3.0.8", "cpe:/a:mozilla:bugzilla:2.14.1", "cpe:/a:mozilla:bugzilla:2.14.5", "cpe:/a:mozilla:bugzilla:2.17.1", "cpe:/a:mozilla:bugzilla:2.18.3", "cpe:/a:mozilla:bugzilla:2.21", "cpe:/a:mozilla:bugzilla:3.2.9", "cpe:/a:mozilla:bugzilla:2.17.3", "cpe:/a:mozilla:bugzilla:2.17", "cpe:/a:mozilla:bugzilla:3.0.7", "cpe:/a:mozilla:bugzilla:3.5.1", "cpe:/a:mozilla:bugzilla:3.4.9", "cpe:/a:mozilla:bugzilla:2.16.11", "cpe:/a:mozilla:bugzilla:2.22.2", "cpe:/a:mozilla:bugzilla:2.16.4", "cpe:/a:mozilla:bugzilla:2.16.8", "cpe:/a:mozilla:bugzilla:2.18.2", "cpe:/a:mozilla:bugzilla:3.4", "cpe:/a:mozilla:bugzilla:4.1", "cpe:/a:mozilla:bugzilla:2.22.3", "cpe:/a:mozilla:bugzilla:3.2.3", "cpe:/a:mozilla:bugzilla:3.3.1", "cpe:/a:mozilla:bugzilla:2.6", "cpe:/a:mozilla:bugzilla:2.19.1", "cpe:/a:mozilla:bugzilla:3.0.5", "cpe:/a:mozilla:bugzilla:4.1.1", "cpe:/a:mozilla:bugzilla:3.2.8", "cpe:/a:mozilla:bugzilla:2.19.2", "cpe:/a:mozilla:bugzilla:2.16.9", "cpe:/a:mozilla:bugzilla:2.14", "cpe:/a:mozilla:bugzilla:2.22.1", "cpe:/a:mozilla:bugzilla:3.0.0", "cpe:/a:mozilla:bugzilla:2.18.4", "cpe:/a:mozilla:bugzilla:2.14.3", "cpe:/a:mozilla:bugzilla:2.8", "cpe:/a:mozilla:bugzilla:2.21.2", "cpe:/a:mozilla:bugzilla:2.20.3", "cpe:/a:mozilla:bugzilla:3.2.6", "cpe:/a:mozilla:bugzilla:3.4.7", "cpe:/a:mozilla:bugzilla:3.6.3", "cpe:/a:mozilla:bugzilla:3.2", "cpe:/a:mozilla:bugzilla:3.7.2", "cpe:/a:mozilla:bugzilla:3.3.4", "cpe:/a:mozilla:bugzilla:2.9", "cpe:/a:mozilla:bugzilla:2.19", "cpe:/a:mozilla:bugzilla:2.10", "cpe:/a:mozilla:bugzilla:3.2.1", "cpe:/a:mozilla:bugzilla:2.20.2", "cpe:/a:mozilla:bugzilla:2.20.4", "cpe:/a:mozilla:bugzilla:3.0.3", "cpe:/a:mozilla:bugzilla:2.16.10", "cpe:/a:mozilla:bugzilla:2.20", "cpe:/a:mozilla:bugzilla:4.0", "cpe:/a:mozilla:bugzilla:3.2.4", "cpe:/a:mozilla:bugzilla:2.22.4", "cpe:/a:mozilla:bugzilla:3.0.1", "cpe:/a:mozilla:bugzilla:2.16.7", "cpe:/a:mozilla:bugzilla:2.22.5", "cpe:/a:mozilla:bugzilla:3.4.6", "cpe:/a:mozilla:bugzilla:3.2.5", "cpe:/a:mozilla:bugzilla:3.6.4", "cpe:/a:mozilla:bugzilla:3.4.3", "cpe:/a:mozilla:bugzilla:3.4.4", "cpe:/a:mozilla:bugzilla:4.1.2", "cpe:/a:mozilla:bugzilla:3.2.10", "cpe:/a:mozilla:bugzilla:3.0.6", "cpe:/a:mozilla:bugzilla:2.17.7", "cpe:/a:mozilla:bugzilla:3.0.10", "cpe:/a:mozilla:bugzilla:3.5", "cpe:/a:mozilla:bugzilla:2.14.4", "cpe:/a:mozilla:bugzilla:3.7", "cpe:/a:mozilla:bugzilla:3.0.2", "cpe:/a:mozilla:bugzilla:3.6.5", "cpe:/a:mozilla:bugzilla:2.18.5", "cpe:/a:mozilla:bugzilla:3.4.10", "cpe:/a:mozilla:bugzilla:2.4", "cpe:/a:mozilla:bugzilla:3.6", "cpe:/a:mozilla:bugzilla:3.4.11", "cpe:/a:mozilla:bugzilla:2.18.1"], "id": "CVE-2011-2379", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2379", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:bugzilla:2.17.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.14.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.14.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.14.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.21.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.21:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.21.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:rc3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.14.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:rc2:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:19:40", "description": "Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 does not prevent changes to the confirmation e-mail address (aka old_email field) for e-mail change notifications, which makes it easier for remote attackers to perform arbitrary address changes by leveraging an unattended workstation.", "cvss3": {}, "published": "2011-08-09T19:55:00", "type": "cve", "title": "CVE-2011-2978", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2978"], "modified": "2017-08-29T01:29:00", "cpe": ["cpe:/a:mozilla:bugzilla:3.5.2", "cpe:/a:mozilla:bugzilla:3.4.5", "cpe:/a:mozilla:bugzilla:3.3.3", "cpe:/a:mozilla:bugzilla:2.22.6", "cpe:/a:mozilla:bugzilla:2.16.3", "cpe:/a:mozilla:bugzilla:2.16.2", "cpe:/a:mozilla:bugzilla:2.17.5", "cpe:/a:mozilla:bugzilla:3.4.8", "cpe:/a:mozilla:bugzilla:3.0.11", "cpe:/a:mozilla:bugzilla:2.21.1", "cpe:/a:mozilla:bugzilla:2.16.6", "cpe:/a:mozilla:bugzilla:2.16.5", "cpe:/a:mozilla:bugzilla:3.1.0", "cpe:/a:mozilla:bugzilla:3.0.9", "cpe:/a:mozilla:bugzilla:2.17.4", "cpe:/a:mozilla:bugzilla:3.2.2", "cpe:/a:mozilla:bugzilla:4.0.1", "cpe:/a:mozilla:bugzilla:2.22", "cpe:/a:mozilla:bugzilla:3.2.7", "cpe:/a:mozilla:bugzilla:2.16", "cpe:/a:mozilla:bugzilla:3.7.1", "cpe:/a:mozilla:bugzilla:2.17.6", "cpe:/a:mozilla:bugzilla:3.5.3", "cpe:/a:mozilla:bugzilla:3.0.4", "cpe:/a:mozilla:bugzilla:2.22.7", "cpe:/a:mozilla:bugzilla:2.16.1", "cpe:/a:mozilla:bugzilla:3.6.2", "cpe:/a:mozilla:bugzilla:2.18", "cpe:/a:mozilla:bugzilla:3.4.1", "cpe:/a:mozilla:bugzilla:3.7.3", "cpe:/a:mozilla:bugzilla:3.3.2", "cpe:/a:mozilla:bugzilla:2.20.1", "cpe:/a:mozilla:bugzilla:3.6.1", "cpe:/a:mozilla:bugzilla:2.19.3", "cpe:/a:mozilla:bugzilla:3.4.2", "cpe:/a:mozilla:bugzilla:2.20.6", "cpe:/a:mozilla:bugzilla:3.0.8", "cpe:/a:mozilla:bugzilla:2.17.1", "cpe:/a:mozilla:bugzilla:2.18.3", "cpe:/a:mozilla:bugzilla:2.21", "cpe:/a:mozilla:bugzilla:3.2.9", "cpe:/a:mozilla:bugzilla:2.17.3", "cpe:/a:mozilla:bugzilla:2.17", "cpe:/a:mozilla:bugzilla:3.1.2", "cpe:/a:mozilla:bugzilla:3.0.7", "cpe:/a:mozilla:bugzilla:3.5.1", "cpe:/a:mozilla:bugzilla:3.1.4", "cpe:/a:mozilla:bugzilla:2.16.11", "cpe:/a:mozilla:bugzilla:3.1.1", "cpe:/a:mozilla:bugzilla:2.22.2", "cpe:/a:mozilla:bugzilla:2.16.4", "cpe:/a:mozilla:bugzilla:3.4.9", "cpe:/a:mozilla:bugzilla:2.16.8", "cpe:/a:mozilla:bugzilla:2.18.2", "cpe:/a:mozilla:bugzilla:3.1.3", "cpe:/a:mozilla:bugzilla:3.4", "cpe:/a:mozilla:bugzilla:2.20.7", "cpe:/a:mozilla:bugzilla:4.1", "cpe:/a:mozilla:bugzilla:2.22.3", "cpe:/a:mozilla:bugzilla:3.2.3", "cpe:/a:mozilla:bugzilla:3.3.1", "cpe:/a:mozilla:bugzilla:2.19.1", "cpe:/a:mozilla:bugzilla:3.0.5", "cpe:/a:mozilla:bugzilla:4.1.1", "cpe:/a:mozilla:bugzilla:2.16.9", "cpe:/a:mozilla:bugzilla:2.19.2", "cpe:/a:mozilla:bugzilla:3.2.8", "cpe:/a:mozilla:bugzilla:2.22.1", "cpe:/a:mozilla:bugzilla:3.0.0", "cpe:/a:mozilla:bugzilla:2.18.4", "cpe:/a:mozilla:bugzilla:2.21.2", "cpe:/a:mozilla:bugzilla:3.0", "cpe:/a:mozilla:bugzilla:2.20.3", "cpe:/a:mozilla:bugzilla:3.2.6", "cpe:/a:mozilla:bugzilla:3.4.7", "cpe:/a:mozilla:bugzilla:3.6.3", "cpe:/a:mozilla:bugzilla:3.2", "cpe:/a:mozilla:bugzilla:2.19", "cpe:/a:mozilla:bugzilla:3.3.4", "cpe:/a:mozilla:bugzilla:3.7.2", "cpe:/a:mozilla:bugzilla:3.6.0", "cpe:/a:mozilla:bugzilla:3.2.1", "cpe:/a:mozilla:bugzilla:3.3", "cpe:/a:mozilla:bugzilla:2.20.2", "cpe:/a:mozilla:bugzilla:2.20.4", "cpe:/a:mozilla:bugzilla:3.0.3", "cpe:/a:mozilla:bugzilla:2.16.10", "cpe:/a:mozilla:bugzilla:2.20", "cpe:/a:mozilla:bugzilla:4.0", "cpe:/a:mozilla:bugzilla:3.2.4", "cpe:/a:mozilla:bugzilla:2.22.4", "cpe:/a:mozilla:bugzilla:2.16.7", "cpe:/a:mozilla:bugzilla:3.0.1", "cpe:/a:mozilla:bugzilla:2.22.5", "cpe:/a:mozilla:bugzilla:3.4.6", "cpe:/a:mozilla:bugzilla:3.2.5", "cpe:/a:mozilla:bugzilla:3.6.4", "cpe:/a:mozilla:bugzilla:3.4.3", "cpe:/a:mozilla:bugzilla:3.4.4", "cpe:/a:mozilla:bugzilla:4.1.2", "cpe:/a:mozilla:bugzilla:2.20.5", "cpe:/a:mozilla:bugzilla:2.17.7", "cpe:/a:mozilla:bugzilla:3.2.10", "cpe:/a:mozilla:bugzilla:3.0.6", "cpe:/a:mozilla:bugzilla:3.0.10", "cpe:/a:mozilla:bugzilla:3.5", "cpe:/a:mozilla:bugzilla:3.0.2", "cpe:/a:mozilla:bugzilla:3.7", "cpe:/a:mozilla:bugzilla:3.6.5", "cpe:/a:mozilla:bugzilla:2.18.5", "cpe:/a:mozilla:bugzilla:3.4.10", "cpe:/a:mozilla:bugzilla:2.18.6", "cpe:/a:mozilla:bugzilla:3.6", "cpe:/a:mozilla:bugzilla:3.4.11", "cpe:/a:mozilla:bugzilla:2.18.1"], "id": "CVE-2011-2978", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2978", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:bugzilla:2.17.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.21.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.21:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.21.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.16.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:rc3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.17.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.18:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:18:29", "description": "Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and group-based pronouns.", "cvss3": {}, "published": "2010-08-16T15:14:00", "type": "cve", "title": "CVE-2010-2756", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2756"], "modified": "2010-09-08T05:48:00", "cpe": ["cpe:/a:mozilla:bugzilla:3.2.3", "cpe:/a:mozilla:bugzilla:2.20.3", "cpe:/a:mozilla:bugzilla:2.20.1", "cpe:/a:mozilla:bugzilla:3.0.4", "cpe:/a:mozilla:bugzilla:2.19.1", "cpe:/a:mozilla:bugzilla:3.7.1", "cpe:/a:mozilla:bugzilla:2.22.6", "cpe:/a:mozilla:bugzilla:2.22.7", "cpe:/a:mozilla:bugzilla:2.6", "cpe:/a:mozilla:bugzilla:2.19.2", "cpe:/a:mozilla:bugzilla:3.1.2", "cpe:/a:mozilla:bugzilla:2.23.3", "cpe:/a:mozilla:bugzilla:2.21.2", "cpe:/a:mozilla:bugzilla:3.4.7", "cpe:/a:mozilla:bugzilla:3.4.3", "cpe:/a:mozilla:bugzilla:2.21.1", "cpe:/a:mozilla:bugzilla:3.0.10", "cpe:/a:mozilla:bugzilla:2.19.3", "cpe:/a:mozilla:bugzilla:3.4.4", "cpe:/a:mozilla:bugzilla:2.2", "cpe:/a:mozilla:bugzilla:3.0.8", "cpe:/a:mozilla:bugzilla:3.3.3", "cpe:/a:mozilla:bugzilla:3.4.6", "cpe:/a:mozilla:bugzilla:2.4", "cpe:/a:mozilla:bugzilla:2.22.3", "cpe:/a:mozilla:bugzilla:2.23.2", "cpe:/a:mozilla:bugzilla:3.0.1", "cpe:/a:mozilla:bugzilla:3.5.1", "cpe:/a:mozilla:bugzilla:3.4.2", "cpe:/a:mozilla:bugzilla:3.2.2", "cpe:/a:mozilla:bugzilla:3.2.6", "cpe:/a:mozilla:bugzilla:2.9", "cpe:/a:mozilla:bugzilla:3.5.3", "cpe:/a:mozilla:bugzilla:3.1.0", "cpe:/a:mozilla:bugzilla:2.22.5", "cpe:/a:mozilla:bugzilla:3.6.1", "cpe:/a:mozilla:bugzilla:2.21", "cpe:/a:mozilla:bugzilla:3.2", "cpe:/a:mozilla:bugzilla:3.3.2", "cpe:/a:mozilla:bugzilla:3.0.3", "cpe:/a:mozilla:bugzilla:2.22.4", "cpe:/a:mozilla:bugzilla:3.0.7", "cpe:/a:mozilla:bugzilla:2.20.4", "cpe:/a:mozilla:bugzilla:3.1.1", "cpe:/a:mozilla:bugzilla:2.20.2", "cpe:/a:mozilla:bugzilla:3.2.5", "cpe:/a:mozilla:bugzilla:3.0.6", "cpe:/a:mozilla:bugzilla:3.7", "cpe:/a:mozilla:bugzilla:2.23.1", "cpe:/a:mozilla:bugzilla:3.4.1", "cpe:/a:mozilla:bugzilla:3.0.9", "cpe:/a:mozilla:bugzilla:3.0.2", "cpe:/a:mozilla:bugzilla:3.2.7", "cpe:/a:mozilla:bugzilla:2.20", "cpe:/a:mozilla:bugzilla:3.0.11", "cpe:/a:mozilla:bugzilla:2.23.4", "cpe:/a:mozilla:bugzilla:3.0.0", "cpe:/a:mozilla:bugzilla:3.3.4", "cpe:/a:mozilla:bugzilla:2.22", "cpe:/a:mozilla:bugzilla:3.7.2", "cpe:/a:mozilla:bugzilla:3.5.2", "cpe:/a:mozilla:bugzilla:2.8", "cpe:/a:mozilla:bugzilla:2.20.6", "cpe:/a:mozilla:bugzilla:2.23", "cpe:/a:mozilla:bugzilla:2.20.5", "cpe:/a:mozilla:bugzilla:2.20.7", "cpe:/a:mozilla:bugzilla:3.4.5", "cpe:/a:mozilla:bugzilla:3.0", "cpe:/a:mozilla:bugzilla:3.2.4", "cpe:/a:mozilla:bugzilla:3.0.5", "cpe:/a:mozilla:bugzilla:2.22.1", "cpe:/a:mozilla:bugzilla:3.1.3", "cpe:/a:mozilla:bugzilla:3.3.1", "cpe:/a:mozilla:bugzilla:3.6"], "id": "CVE-2010-2756", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2756", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:bugzilla:2.20.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.21.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.21.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.21:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.23.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.23:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.23.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.23.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.23.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.19.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:25:31", "description": "Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before 3.0.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2011-2977.", "cvss3": {}, "published": "2011-08-09T19:55:00", "type": "cve", "title": "CVE-2008-7292", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-7292", "CVE-2011-2977"], "modified": "2012-08-02T04:00:00", "cpe": ["cpe:/a:mozilla:bugzilla:3.0.0", "cpe:/a:mozilla:bugzilla:2.20", "cpe:/a:mozilla:bugzilla:3.0", "cpe:/a:mozilla:bugzilla:2.22", "cpe:/a:mozilla:bugzilla:2.22.2", "cpe:/a:mozilla:bugzilla:2.22.1", "cpe:/a:mozilla:bugzilla:2.20.3", "cpe:/a:mozilla:bugzilla:3.0.1", "cpe:/a:mozilla:bugzilla:3.0.2", "cpe:/a:mozilla:bugzilla:2.20.2", "cpe:/a:mozilla:bugzilla:2.20.4", "cpe:/a:mozilla:bugzilla:2.20.1"], "id": "CVE-2008-7292", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7292", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:bugzilla:2.20.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.22.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:2.20.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:bugzilla:3.0.0:*:*:*:*:*:*:*"]}], "gentoo": [{"lastseen": "2022-01-17T19:13:33", "description": "### Background\n\nBugzilla is the bug-tracking system from the Mozilla project.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Bugzilla. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could conduct cross-site scripting attacks, conduct script insertion and spoofing attacks, hijack the authentication of arbitrary users, inject arbitrary HTTP headers, obtain access to arbitrary accounts, disclose the existence of confidential groups and its names, or inject arbitrary e-mail headers. \n\nA local attacker could disclose the contents of temporarfy files for uploaded attachments. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Bugzilla users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-apps/bugzilla-3.6.6\"\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are available since August 27, 2011. It is likely that your system is already no longer affected by this issue.", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "gentoo", "title": "Bugzilla: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2761", "CVE-2010-3172", "CVE-2010-3764", "CVE-2010-4411", "CVE-2010-4567", "CVE-2010-4568", "CVE-2010-4569", "CVE-2010-4570", "CVE-2010-4572", "CVE-2011-0046", "CVE-2011-0048", "CVE-2011-2379", "CVE-2011-2380", "CVE-2011-2381", "CVE-2011-2976", "CVE-2011-2977", "CVE-2011-2978", "CVE-2011-2979"], "modified": "2011-10-10T00:00:00", "id": "GLSA-201110-03", "href": "https://security.gentoo.org/glsa/201110-03", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-22T00:11:27", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2322-1 security@debian.org\nhttp://www.debian.org/security/ Jonathan Wiltshire\nOctober 10, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : bugzilla\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-201-2979 CVE-2010-4567 CVE-2010-4568 CVE-2010-4572 \n CVE-2011-0046 CVE-2011-0048 CVE-2011-2379 CVE-2011-2380 \n CVE-2011-2381 CVE-2011-2978 \n\nSeveral vulnerabilities were discovered in Bugzilla, a web-based bug\ntracking system.\n\nCVE-2010-4572\n\n By inserting particular strings into certain URLs, it was\n possible to inject both headers and content to any\n browser.\n\nCVE-2010-4567, CVE-2011-0048\n\n Bugzilla has a "URL" field that can contain several types\n of URL, including "javascript:" and "data:" URLs. However,\n it does not make "javascript:" and "data:" URLs into\n clickable links, to protect against cross-site scripting\n attacks or other attacks. It was possible to bypass this\n protection by adding spaces into the URL in places that\n Bugzilla did not expect them. Also, "javascript:" and\n "data:" links were *always* shown as clickable to\n logged-out users.\n\nCVE-2010-4568\n\n It was possible for a user to gain unauthorized access to\n any Bugzilla account in a very short amount of time (short\n enough that the attack is highly effective).\n\nCVE-2011-0046\n\n Various pages were vulnerable to Cross-Site Request\n Forgery attacks. Most of these issues are not as serious\n as previous CSRF vulnerabilities.\n\nCVE-2011-2978\n\n When a user changes his email address, Bugzilla trusts\n a user-modifiable field for obtaining the current e-mail\n address to send a confirmation message to. If an attacker\n has access to the session of another user (for example,\n if that user left their browser window open in a public\n place), the attacker could alter this field to cause\n the email-change notification to go to their own address.\n This means that the user would not be notified that his\n account had its email address changed by the attacker.\n\nCVE-2011-2381\n\n For flagmails only, attachment descriptions with a newline\n in them could lead to the injection of crafted headers in\n email notifications when an attachment flag is edited.\n\nCVE-2011-2379\n\n Bugzilla uses an alternate host for attachments when\n viewing them in raw format to prevent cross-site scripting\n attacks. This alternate host is now also used when viewing\n patches in "Raw Unified" mode because Internet Explorer 8\n and older, and Safari before 5.0.6 do content sniffing,\n which could lead to the execution of malicious code.\n\nCVE-2011-2380 CVE-201-2979\n\n Normally, a group name is confidential and is only visible\n to members of the group, and to non-members if the group\n is used in bugs. By crafting the URL when creating or\n editing a bug, it was possible to guess if a group existed\n or not, even for groups which weren't used in bugs and so\n which were supposed to remain confidential.\n\nFor the oldstable distribution (lenny), it has not been practical to\nbackport patches to fix these bugs. Users of bugzilla on lenny are \nstrongly advised to upgrade to the version in the squeeze distribution.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 3.6.2.0-4.4.\n\nFor the testing distribution (wheezy) and the unstable distribution (sid),\nthe bugzilla packages have been removed.\n\nWe recommend that you upgrade your bugzilla packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2011-10-10T16:12:14", "type": "debian", "title": "[SECURITY] [DSA 2322-1] bugzilla security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4567", "CVE-2010-4568", "CVE-2010-4572", "CVE-2011-0046", "CVE-2011-0048", "CVE-2011-2379", "CVE-2011-2380", "CVE-2011-2381", "CVE-2011-2978"], "modified": "2011-10-10T16:12:14", "id": "DEBIAN:DSA-2322-1:07C6A", "href": "https://lists.debian.org/debian-security-announce/2011/msg00199.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:56:27", "description": "Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through\n2.22.7, 3.0.x through 3.3.x, and 3.4.x before 3.4.12 allows remote\nattackers to inject arbitrary web script or HTML via vectors involving a\nBUGLIST cookie.\n\n#### Bugs\n\n * <https://bugzilla.mozilla.org/show_bug.cgi?id=660053>\n", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "ubuntucve", "title": "CVE-2011-2976", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2976"], "modified": "2011-08-09T00:00:00", "id": "UB:CVE-2011-2976", "href": "https://ubuntu.com/security/CVE-2011-2976", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-11-22T21:56:27", "description": "Bugzilla 4.1.x before 4.1.3 generates different responses for certain\nassignee queries depending on whether the group name is valid, which allows\nremote attackers to determine the existence of private group names via a\ncustom search. NOTE: this vulnerability exists because of a CVE-2010-2756\nregression.\n\n#### Bugs\n\n * <https://bugzilla.mozilla.org/show_bug.cgi?id=674497>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | 4.1.x only\n", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "ubuntucve", "title": "CVE-2011-2979", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2979"], "modified": "2011-08-09T00:00:00", "id": "UB:CVE-2011-2979", "href": "https://ubuntu.com/security/CVE-2011-2979", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-11-22T21:56:34", "description": "CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x\nthrough 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x\nbefore 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to inject\narbitrary e-mail headers via an attachment description in a flagmail\nnotification.\n\n#### Bugs\n\n * <https://bugzilla.mozilla.org/show_bug.cgi?id=657158>\n", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "ubuntucve", "title": "CVE-2011-2381", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2381"], "modified": "2011-08-09T00:00:00", "id": "UB:CVE-2011-2381", "href": "https://ubuntu.com/security/CVE-2011-2381", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-11-22T21:56:27", "description": "Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12,\n3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before\n4.1.3 allows remote attackers to determine the existence of private group\nnames via a crafted parameter during (1) bug creation or (2) bug editing.\n\n#### Bugs\n\n * <https://bugzilla.mozilla.org/show_bug.cgi?id=653477>\n", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "ubuntucve", "title": "CVE-2011-2380", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2380"], "modified": "2011-08-09T00:00:00", "id": "UB:CVE-2011-2380", "href": "https://ubuntu.com/security/CVE-2011-2380", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-11-22T21:56:27", "description": "Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before\n4.1.3 on Windows does not delete the temporary files associated with\nuploaded attachments, which allows local users to obtain sensitive\ninformation by reading these files. NOTE: this issue exists because of a\nregression in 3.6.\n\n#### Bugs\n\n * <https://bugzilla.mozilla.org/show_bug.cgi?id=660502>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | windows-specific\n", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "ubuntucve", "title": "CVE-2011-2977", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2977"], "modified": "2011-08-09T00:00:00", "id": "UB:CVE-2011-2977", "href": "https://ubuntu.com/security/CVE-2011-2977", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-11-22T21:56:27", "description": "Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7,\n3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x,\n4.0.x before 4.0.2, and 4.1.x before 4.1.3, when Internet Explorer before 9\nor Safari before 5.0.6 is used for Raw Unified mode, allows remote\nattackers to inject arbitrary web script or HTML via a crafted patch,\nrelated to content sniffing.\n\n#### Bugs\n\n * <https://bugzilla.mozilla.org/show_bug.cgi?id=637981>\n", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "ubuntucve", "title": "CVE-2011-2379", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2379"], "modified": "2011-08-09T00:00:00", "id": "UB:CVE-2011-2379", "href": "https://ubuntu.com/security/CVE-2011-2379", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-11-22T21:56:27", "description": "Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12,\n3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before\n4.1.3 does not prevent changes to the confirmation e-mail address (aka\nold_email field) for e-mail change notifications, which makes it easier for\nremote attackers to perform arbitrary address changes by leveraging an\nunattended workstation.\n\n#### Bugs\n\n * <https://bugzilla.mozilla.org/show_bug.cgi?id=670868>\n", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "ubuntucve", "title": "CVE-2011-2978", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2978"], "modified": "2011-08-09T00:00:00", "id": "UB:CVE-2011-2978", "href": "https://ubuntu.com/security/CVE-2011-2978", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-11-22T21:58:21", "description": "Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1\nthrough 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine\nthe group memberships of arbitrary users via vectors involving the Search\ninterface, boolean charts, and group-based pronouns.", "cvss3": {}, "published": "2010-08-16T00:00:00", "type": "ubuntucve", "title": "CVE-2010-2756", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2756"], "modified": "2010-08-16T00:00:00", "id": "UB:CVE-2010-2756", "href": "https://ubuntu.com/security/CVE-2010-2756", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "seebug": [{"lastseen": "2017-11-19T18:00:58", "description": "BUGTRAQ ID: 49042\r\nCVE ID: CVE-2011-2977\r\n\r\nBugzilla\u662f\u5f88\u591a\u8f6f\u4ef6\u9879\u76ee\u90fd\u5728\u4f7f\u7528\u7684\u57fa\u4e8eWeb\u7684BUG\u8ddf\u8e2a\u7cfb\u7edf\u3002\r\n\r\nBugzilla\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\uff0c\u6267\u884c\u811a\u672c\u63d2\u5165\u548c\u6b3a\u9a97\u653b\u51fb\u3002\r\n\r\n\u7528\u4e8e\u4e0a\u4f20\u9644\u4ef6\u7684\u4e34\u65f6\u6587\u4ef6\u6ca1\u6709\u5728Windows\u4e0a\u5220\u9664\u3002\u5bf9\u670d\u52a1\u5668\u6709\u672c\u5730\u8bbf\u95ee\u6743\u9650\u7684\u7528\u6237\u53ef\u5728\u901a\u5e38\u60c5\u51b5\u4e0b\u4e0d\u5141\u8bb8\u4eceBugzilla\u4e2d\u67e5\u770b\u9644\u4ef6\u65f6\u67e5\u770b\u9644\u4ef6\u3002\r\n\r\nMozilla Bugzilla 4.x\r\nMozilla Bugzilla 3.x\r\nMozilla Bugzilla 2.x\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMozilla\r\n-------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.mozilla.org/", "cvss3": {}, "published": "2011-08-09T00:00:00", "title": "Mozilla Bugzilla\u8d8a\u6743\u8bbf\u95ee\u6f0f\u6d1e(CVE-2011-2977)", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-2977"], "modified": "2011-08-09T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20818", "id": "SSV:20818", "sourceData": "", "sourceHref": "", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-11-19T18:00:35", "description": "BUGTRAQ ID: 49166\r\nCVE ID: CVE-2011-0084,CVE-2011-2978,CVE-2011-2980,CVE-2011-2981,CVE-2011-2982,CVE-2011-2983,CVE-2011-2984,CVE-2011-2985,CVE-2011-2986,CVE-2011-2987,CVE-2011-2988,CVE-2011-2989,CVE-2011-2990,CVE-2011-2991,CVE-2011-2992,CVE-2011-2993\r\n\r\nFirefox\u662f\u4e00\u6b3e\u975e\u5e38\u6d41\u884c\u7684\u5f00\u6e90WEB\u6d4f\u89c8\u5668\u3002Thunderbird\u662f\u4e00\u4e2a\u90ae\u4ef6\u5ba2\u6237\u7aef\uff0c\u652f\u6301IMAP\u3001POP\u90ae\u4ef6\u534f\u8bae\u4ee5\u53caHTML\u90ae\u4ef6\u683c\u5f0f\u3002SeaMonkey\u662f\u5f00\u6e90\u7684Web\u6d4f\u89c8\u5668\u3001\u90ae\u4ef6\u548c\u65b0\u95fb\u7ec4\u5ba2\u6237\u7aef\u3001IRC\u4f1a\u8bdd\u5ba2\u6237\u7aef\u548cHTML\u7f16\u8f91\u5668\u3002\r\n\r\nMozilla Firefox/Thunderbird/SeaMonkey\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u591a\u4e2a\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u4f7f\u53d7\u5f71\u54cd\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\uff0c\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\n\nMozilla Thunderbird 3.x\r\nMozilla Thunderbird 2.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMozilla\r\n-------\r\nMozilla\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08mfsa2011-29\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\n\r\nmfsa2011-29\uff1aMozilla Foundation Security Advisory 2011-29\r\n\r\n\u94fe\u63a5\uff1ahttp://www.mozilla.org/security/announce/2011/mfsa2011-29.html", "cvss3": {}, "published": "2011-08-18T00:00:00", "title": "Mozilla Firefox/Thunderbird/SeaMonkey\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-0084", "CVE-2011-2978", "CVE-2011-2980", "CVE-2011-2981", "CVE-2011-2982", "CVE-2011-2983", "CVE-2011-2984", "CVE-2011-2985", "CVE-2011-2986", "CVE-2011-2987", "CVE-2011-2988", "CVE-2011-2989", "CVE-2011-2990", "CVE-2011-2991", "CVE-2011-2992", "CVE-2011-2993"], "modified": "2011-08-18T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20867", "id": "SSV:20867", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
