313 matches found
BitchX: Crash when channel modes change
On May 7th 2003, we recieved a bug report through our tracking system which noted a crash problem with BitchX for all versions up to 1.0c20cvs. Certain mode changes would cause BitchX to core consistantly. This problem was resolved in less than 24 hours. The patch was commited to CVS by powuh...
CVE-2002-0809
Bugzilla 2.14 before 2.14.2 and 2.16 before 2.16rc2 mishandles URL-encoded field names generated by some browsers, causing certain fields to appear unset and resulting in removal of group permissions on bugs when buglist.cgi is used with the encoded field names. Affected components: Bugzilla bug ...
Bugzilla Software Detection
The remote web server is hosting Bugzilla, a web application for bug tracking and managing software development. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11462; scriptversion"1.26"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/12";...
[SECURITY] [DSA 230-1] New bugzilla packages fix unauthorized data modification
-------------------------------------------------------------------------- Debian Security Advisory DSA 230-1 [email protected] http://www.debian.org/security/ Martin Schulze January 16th, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 161-1] New Mantis package fixes privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 161-1 [email protected] http://www.debian.org/security/ Martin Schulze September 4th, 2002 http://www.debian.org/security/faq -...
[SECURITY] [DSA 161-1] New Mantis package fixes privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 161-1 [email protected] http://www.debian.org/security/ Martin Schulze September 4th, 2002 http://www.debian.org/security/faq -...
DSA-161 mantis - privilege escalation
Bulletin has no description...
[Mantis Advisory/2002-06] Private bugs accessible in Mantis
Mantis Advisory/2002-06 Private bugs accessible in Mantis 0. Table of Contents 1. Introduction 2. Summary / Impact analysis 3. Affected versions 4. Workaround / Solution 5. Proof of Vulnerability 6. Credit 7. Contact details 1. Introduction Mantis is an Open Source web-based bugtracking system,...
[SECURITY] [DSA 153-2] New mantis package fixes several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 153-2 [email protected] http://www.debian.org/security/ Martin Schulze August 20th, 2002 http://www.debian.org/security/faq -...
[Mantis Advisory/2002-02] Limiting output to reporters can be bypassed
Mantis Advisory/2002-02 Limiting output to reporters can be bypassed 0. Table of Contents 1. Introduction 2. Summary / Impact analysis 3. Affected versions 4. Workaround / Solution 5. Detailed explanation 6. Contact details 1. Introduction Mantis is an Open Source web-based bugtracking system,...
Anthill login and JavaScript vulnerabilities
Anthill login and JavaScript vulnerabilities PROGRAM: Anthill VENDOR: Vincent Danen [email protected] HOMEPAGE: http://anthill.vmlinuz.ca/ VULNERABLE VERSIONS: all TYPE: remote SEVERITY: high DESCRIPTION: "Anthill is a bug tracking database system written in PHP. It provides the standard bu...
ssh-1.2.27.txt
------------------------------------------------------------------- Periodically, the moderator of of the vuln-dev mailing list will post summaries of issues discussed there to Bugtraq and possibly other relevant lists. This will usually happen when an issue has been resolved, or it appears that...
sudo.info.txt
Date: Tue, 8 Jun 1999 21:23:55 +0200 From: Bencsath Boldizsar To: [email protected] Subject: unneeded information in sudo Sudo debian , v1.5.6p2-2 tells anyone if a file exists or not. It's not a very big problem, but when i set a directory not accessible to anyone but root, I want to make sur...