9 matches found
Fedora 21 : bugzilla-4.4.10-1.fc21 (2015-15768)
Security fix for CVE-2015-4499 A security problem was found in supported versions of Bugzilla. Login names longer than 127 characters can be corrupted, which could lead to the creation of a user account with an unexpected email address. Bugzilla 4.4.10 fixes the issue for the 4.4 branch of...
Fedora Update for bugzilla FEDORA-2015-15767
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security advisory for Bugzilla 5.0, 4.4.9, and 4.2.14
Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issue has been discovered in Bugzilla: Login names longer than 127 characters can be corrupted, which could lead to the creation of a user account with an unexpected ema...
Security Advisory for Bugzilla 5.0.1, 4.4.10 and 4.2.15
Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issue has been discovered in Bugzilla: Login names longer than 127 characters can be corrupted, which could lead to the creation of a user account with an unexpected ema...
Fedora 23 : bugzilla-4.4.10-1.fc23 (2015-15769)
Security fix for CVE-2015-4499 A security problem was found in supported versions of Bugzilla. Login names longer than 127 characters can be corrupted, which could lead to the creation of a user account with an unexpected email address. Bugzilla 4.4.10 fixes the issue for the 4.4 branch of...
Bugzilla < 4.2.15 / 4.4.10 / 5.0.1 Unauthorized Account Creation Vulnerability
According to its banner, the version of Bugzilla running on the remote host contains a flaw that causes input passed via the 'login' parameter to be truncated, resulting in domain names of email addresses becoming corrupted. An unauthenticated, remote attacker can exploit this to create accounts...
Bugzilla Mail Authentication Mechanism Bypass (CVE-2015-4499)
An authentication mechanism bypass vulnerability has been found in Bugzilla. Any unauthenticated remote attacker may leverage this vulnerability to gain access to database information regarding unpatched bugs, and exploit them to attack the affected pieces of software before security patches are...
Bugzilla Privilege Escalation Security Patch
Developers and organizations that use the Bugzilla open source bug-tracking system should upgrade to current versions after the disclosure of details of a vulnerability in its email-based permissions process. The flaw, CVE-2015-4499, was patched last week in versions 4.2.15, 4.4.10 and 5.0.1 afte...
CVE-2015-4499
CVE-2015-4499 affects Bugzilla across multiple branches (Bugzilla 2.x/3.x/4.x pre-4.2.15, pre-4.4.10 for 4.x line, and 5.x pre-5.0.1). The flaw mishandles long e-mail addresses during account creation, truncating login names longer than 127 characters (notably an @mozilla.com.example.com address ...