Category:   Application (Generic)  >   Bugzilla
Vendors:
Bugzilla Lets Remote Users Modify Flags and May Disclose Private Bug Summaries to Remote Users
SecurityTracker Alert ID:  1014428
SecurityTracker URL:
CVE Reference:   CVE-2005-2173, CVE-2005-2174
Updated:  Jun 15 2008
Original Entry Date:  Jul 8 2005
Impact:   Disclosure of user information, Modification of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 2.18.2
Description:   Two vulnerabilities were reported in Bugzilla. A remote user can change the flag on a bug report. A remote user may also be able to view summaries of private bug reports.

A remote user can submit a specially crafted 'process_bug.cgi' URL to modify a flag on a bug that the user does not have access to. The script fails to validate that the flag modification is associated with the requested bug. This flaw affects versions 2.17.1 - 2.18.1 and 2.19.1 - 2.19.3.
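The flag vulnerability is an authorization check made against the wrong object: the handler confirms the caller may touch the bug named in the request, but then updates whatever flag the request names, without confirming that the flag is attached to that bug. The following is an added illustration of that gap and its fix, not Bugzilla's own `process_bug.cgi` code; every name, the in-memory store and the sample bugs and flags are constructed for the example.

```python
"""Hypothetical flag-update handler, vulnerable form beside hardened form.

Added example code; not Bugzilla's implementation. Bug/flag/user classes,
the in-memory store and all sample records are constructed assumptions.
"""
from dataclasses import dataclass, field
from typing import Dict, Optional, Set, Tuple


class AccessDenied(Exception):
    """Raised when a request is refused by the access check."""


@dataclass
class Bug:
    bug_id: int
    group: Optional[str]        # None = public bug; otherwise a restricted group
    summary: str


@dataclass
class Flag:
    flag_id: int
    bug_id: int                 # the bug this flag is attached to
    status: str                 # "?", "+" or "-"


@dataclass
class User:
    name: str
    groups: Set[str] = field(default_factory=set)


def make_store() -> Tuple[Dict[int, Bug], Dict[int, Flag]]:
    """Fresh constructed data: bug 100 is public, bug 200 is group-restricted,
    and each bug carries one review flag."""
    bugs = {
        100: Bug(100, None, "Public: typo in help text"),
        200: Bug(200, "security", "Private: auth bypass in login"),
    }
    flags = {
        1: Flag(1, 100, "?"),   # flag on the public bug
        2: Flag(2, 200, "?"),   # flag on the private bug
    }
    return bugs, flags


def can_see_bug(user: User, bug: Bug) -> bool:
    return bug.group is None or bug.group in user.groups


def set_flag_vulnerable(user: User, bugs: Dict[int, Bug], flags: Dict[int, Flag],
                        requested_bug_id: int, flag_id: int, status: str) -> Flag:
    """Checks access to the bug named in the request, then updates whatever
    flag `flag_id` names. The flag's own bug is never compared with the
    requested bug, so the access decision can be made against the wrong bug."""
    if not can_see_bug(user, bugs[requested_bug_id]):
        raise AccessDenied(f"no access to bug {requested_bug_id}")
    flag = flags[flag_id]
    flag.status = status
    return flag


def set_flag_hardened(user: User, bugs: Dict[int, Bug], flags: Dict[int, Flag],
                      requested_bug_id: int, flag_id: int, status: str) -> Flag:
    """Refuses unless the flag is attached to the requested bug, and makes the
    access decision against the bug the flag really belongs to."""
    flag = flags.get(flag_id)
    if flag is None or flag.bug_id != requested_bug_id:
        raise AccessDenied(f"flag {flag_id} is not attached to bug {requested_bug_id}")
    if not can_see_bug(user, bugs[flag.bug_id]):
        raise AccessDenied(f"no access to bug {flag.bug_id}")
    flag.status = status
    return flag


if __name__ == "__main__":
    outsider = User("outsider")
    bugs, flags = make_store()
    changed = set_flag_vulnerable(outsider, bugs, flags, 100, 2, "+")
    print("vulnerable handler changed flag on bug", changed.bug_id)  # 200
    bugs, flags = make_store()
    try:
        set_flag_hardened(outsider, bugs, flags, 100, 2, "+")
    except AccessDenied as exc:
        print("hardened handler refused:", exc)
```

The point of the hardened version is that the object being modified (the flag) is resolved first, and the authorization check is then run against the bug that object is actually attached to, rather than against an identifier the client chose independently. Any handler that accepts two related identifiers from the client should verify the relationship between them server-side in the same way.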

If a private bug is entered, a remote user may be able to obtain the summary or the title of the private bug while MySQL replication is in progress. Versions 2.17.1 and higher are affected.

The vendor credits Frederic Buclin, Matthias Versen, Joel Peshkin, and Myk Melez with reporting and assisting with these vulnerabilities.

Impact:   A remote user can modify the flags on arbitrary bug reports.

A remote user may also be able to view summaries of private bug reports.

Solution:   The vendor has issued fixed versions (2.18.2, 2.20rc1), available at:

Vendor URL:
Cause:   Access control error, State error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]
