Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <Pine.GSO.4.51.0902091206050.25237@faron.mitre.org>
Date: Mon, 9 Feb 2009 12:06:42 -0500 (EST)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security@...ts.openwall.com
Subject: Re: CVE requests: Bugzilla



======================================================
Name: CVE-2008-6098
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6098
Reference: CONFIRM:http://www.bugzilla.org/security/2.20.6/
Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=449931

Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 2.22.6,
2.20 before 2.20.7, and other versions after 2.17.4 allows remote
authenticated users to bypass moderation to approve and disapprove
quips via a direct request to quips.cgi with the action parameter set
to "approve."


======================================================
Name: CVE-2009-0481
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0481
Reference: CONFIRM:http://www.bugzilla.org/security/2.22.6/

Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and
3.3 before 3.3.2 allows remote authenticated users to conduct
cross-site scripting (XSS) and related attacks by uploading HTML and
JavaScript attachments that are rendered by web browsers.


======================================================
Name: CVE-2009-0482
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0482
Reference: CONFIRM:http://www.bugzilla.org/security/2.22.6/

Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2
before 3.2.1, 3.3 before 3.3.2, and other versions before 3.2 allows
remote attackers to perform bug updating activities as other users via
a link or IMG tag to process_bug.cgi.


======================================================
Name: CVE-2009-0483
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0483
Reference: CONFIRM:http://www.bugzilla.org/security/2.22.6/
Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=466692
Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=472362

Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22
before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before
3.3.2 allows remote attackers to delete keywords and user preferences
via a link or IMG tag to (1) editkeywords.cgi or (2) userprefs.cgi.


======================================================
Name: CVE-2009-0484
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0484
Reference: CONFIRM:http://www.bugzilla.org/security/2.22.6/
Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=466748

Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 before
3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers
to delete shared or saved searches via a link or IMG tag to
buglist.cgi.


======================================================
Name: CVE-2009-0485
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0485
Reference: CONFIRM:http://www.bugzilla.org/security/2.22.6/
Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=466692

Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.17 to
2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2
allows remote attackers to delete unused flag types via a link or IMG
tag to editflagtypes.cgi.


======================================================
Name: CVE-2009-0486
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0486
Reference: CONFIRM:http://www.bugzilla.org/security/3.0.7/

Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls
the srand function at startup time, which causes Apache children to
have the same seed and produce insufficiently random numbers for
random tokens, which allows remote attackers to bypass cross-site
request forgery (CSRF) protection mechanisms and conduct unauthorized
activities as other users.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.