[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list]
Date: Tue, 13 May 2008 13:07:11 +0200
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com
Cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: Re: CVE request: Bugzilla (Unauthorized Bug Change, XSS, Account Impersonation)
Am Mittwoch 07 Mai 2008 schrieb Steven M. Christey:
> ======================================================
> Name: CVE-2008-2104
> Status: Candidate
> URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2104
> Reference: CONFIRM:http://www.bugzilla.org/security/2.20.5/
> Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=415471
> Reference: BID:29038
> Reference: URL:http://www.securityfocus.com/bid/29038
> Reference: FRSIRT:ADV-2008-1428
> Reference:
> URL:http://www.frsirt.com/english/advisories/2008/1428/references
> Reference: SECTRACK:1019968
> Reference: URL:http://www.securitytracker.com/id?1019968
> Reference: SECUNIA:30064
> Reference: URL:http://secunia.com/advisories/30064
> Reference: XF:bugzilla-xmlrpc-security-bypass(42218)
> Reference: URL:http://xforce.iss.net/xforce/xfdb/42218
>
> The WebService in Bugzilla before 3.1.3 allows remote authenticated
> users without canconfirm privileges to create NEW or ASSIGNED bug
> entries via a request to the XML-RPC interface, which bypasses the
> canconfirm check.
I think this should be "3.1.3 and before" ?
As 3.1.3 is also affected according to the upstream advisory.
--
Hanno Böck Blog: http://www.hboeck.de/
GPG: 3DBD3B20 Jabber/Mail: hanno@...eck.de
[ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Hosted by DataForce ISP -
Powered by Openwall GNU/*/Linux