Bugzilla syncshadowdb Symlink Arbitrary File Overwrite

ID OSVDB:22061
Type osvdb
Reporter OSVDB
Modified 2005-12-26T06:03:19


Solution Description

Upgrade to version 2.16.11, 2.18 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.


Vendor Specific News/Changelog Entry: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329387 Vendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=305353 Vendor Specific Advisory URL Security Tracker: 1015411 Secunia Advisory ID:18218 Secunia Advisory ID:22826 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-12/0309.html CVE-2005-4534