11 matches found
SUSE CVE-2010-3172
CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP headers and content, and conduct HTTP response splitting attacks, via a crafted UR...
Gentoo Security Advisory GLSA 201110-03 (bugzilla)
The remote host is missing updates announced in advisory GLSA 201110-03. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
openSUSE Security Update : perl (openSUSE-SU-2011:0064-1)
Multiple header injection problems in the CGI module of perl have been fixed. They allowed to inject HTTP headers in responses. CVE-2010-2761, CVE-2010-4410 and CVE-2010-4411 have been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
openSUSE Security Update : perl-CGI-Simple (openSUSE-SU-2011:0020-1)
A HTTP header injection attack was fixed in perl-CGI-Simple. CVE-2010-2761 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update perl-CGI-Simple-3785. The text...
SuSE 10 Security Update : Perl (ZYPP Patch Number 7316)
Multiple header injection problems in the CGI module of perl have been fixed. They allowed to inject HTTP headers in responses. - have been assigned to this issue. CVE-2010-2761 / CVE-2010-4410 / CVE-2010-4411 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugi...
SuSE 11.1 Security Update : perl (SAT Patch Number 3804)
Multiple header injection problems in the CGI module of perl have been fixed. They allowed to inject HTTP headers in responses. CVE-2010-2761 / CVE-2010-4410 / CVE-2010-4411 have been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
Fedora Update for bugzilla FEDORA-2010-17274
Check for the Version of bugzilla OpenVAS Vulnerability Test Fedora Update for bugzilla FEDORA-2010-17274 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CVE-2010-3172
CVE-2010-3172 describes a CRLF injection/HTTP response-splitting vulnerability in Bugzilla when Server Push is enabled, allowing a crafted URL to inject arbitrary HTTP headers and content. Affected Bugzilla versions: 3.2.9 and later within 3.2.x; 3.4.x before 3.4.9; 3.6.x before 3.6.3; 4.0.x befo...
Bugzilla < 3.2.9 / 3.4.9 / 3.6.3 Multiple Vulnerabilities
Binary data 5700.prm...
Bugzilla Response Splitting and Security Bypass Vulnerabilities
Bugzilla is prone to a response-splitting vulnerability and a security- bypass vulnerability. Successfully exploiting these issues may allow an attacker to bypass certain security restrictions; obtain sensitive information; and influence or misrepresent how web content is served, cached, or...
Bugzilla Response Splitting and Security Bypass Vulnerabilities
Bugzilla is prone to a response-splitting vulnerability and a security- bypass vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only C...