Lucene search
PRIOn knowledge basePRION:CVE-2009-3166HistorySep 15, 2009 - 10:30 p.m.
Default credentials
2009-09-1522:30:00
PRIOn knowledge base
www.prio-n.com
6
token.cgi in Bugzilla 3.4rc1 through 3.4.1 places a password in a URL at the beginning of a login session that occurs immediately after a password reset, which allows context-dependent attackers to discover passwords by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history.
Related
seebug
seebug
Mozilla Bugzilla URLๅฃไปคไฟกๆฏๆณ้ฒๆผๆด
2009-09-16 00:00:00
cve
cve
CVE-2009-3166
2009-09-15 22:30:00
openvas
openvas
Bugzilla URL Password Information Disclosure Vulnerability
2010-08-02 00:00:00
Bugzilla URL Password Information Disclosure Vulnerability
2010-08-02 00:00:00
FreeBSD Ports: bugzilla
2009-09-21 00:00:00
ubuntucve
ubuntucve
CVE-2009-3166
2009-09-15 00:00:00
nvd
nvd
CVE-2009-3166
2009-09-15 22:30:00
cvelist
cvelist
CVE-2009-3166
2009-09-15 22:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: bugzilla-3.2.5-1.fc11
2009-09-19 00:06:52
[SECURITY] Fedora 10 Update: bugzilla-3.2.5-1.fc10
2009-09-19 00:11:57
[SECURITY] Fedora 11 Update: bugzilla-3.2.6-2.fc11
2010-02-09 05:10:39
nessus
nessus
FreeBSD : bugzilla -- two SQL injections, sensitive data exposure (b9ec7fe3-a38a-11de-9c6b-003048818f40)
2009-09-18 00:00:00
Bugzilla < 3.0.9/3.2.5/3.4.2 Multiple Vulnerabilities
2009-09-14 00:00:00
GLSA-201006-19 : Bugzilla: Multiple vulnerabilities
2010-06-04 00:00:00
freebsd
freebsd
bugzilla -- two SQL injections, sensitive data exposure
2009-09-11 00:00:00
gentoo
gentoo
Bugzilla: Multiple vulnerabilities
2010-06-04 00:00:00