This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200709-18
(Bugzilla: Multiple vulnerabilities)
Masahiro Yamada found that from the 2.17.1 version, Bugzilla does not
properly sanitize the content of the 'buildid' parameter when filing
bugs (CVE-2007-4543). The next two vulnerabilities only affect Bugzilla
2.23.3 or later, hence the stable Gentoo Portage tree does not contain
these two vulnerabilities: Loic Minier reported that the
'Email::Send::Sendmail()' function does not properly sanitise 'from'
email information before sending it to the '-f' parameter of
/usr/sbin/sendmail (CVE-2007-4538), and Frederic Buclin discovered that
the XML-RPC interface does not correctly check permissions in the
time-tracking fields (CVE-2007-4539).
A remote attacker could trigger the 'buildid' vulnerability by sending
a specially crafted form to Bugzilla, leading to a persistent XSS, thus
allowing for theft of credentials. With Bugzilla 2.23.3 or later, an
attacker could also execute arbitrary code with the permissions of the
web server by injecting a specially crafted 'from' email address and
gain access to normally restricted time-tracking information through
the XML-RPC service.
There is no known workaround at this time.
See also :
All Bugzilla users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose www-apps/bugzilla
Risk factor :
Medium / CVSS Base Score : 5.0