This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-201006-19
(Bugzilla: Multiple vulnerabilities)
Multiple vulnerabilities have been reported in Bugzilla. Please review
the CVE identifiers referenced below for details.
A remote attacker might be able to disclose local files, bug
information, passwords, and other data under certain circumstances.
Furthermore, a remote attacker could conduct SQL injection, Cross-Site
Scripting (XSS) or Cross-Site Request Forgery (CSRF) attacks via
There is no known workaround at this time.
See also :
All Bugzilla users should upgrade to an unaffected version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-apps/bugzilla-3.2.6'
Bugzilla 2.x and 3.0 have reached their end of life. There will be no
more security updates. All Bugzilla 2.x and 3.0 users should update to
a supported Bugzilla 3.x version.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true
Family: Gentoo Local Security Checks
Nessus Plugin ID: 46808 (gentoo_GLSA-201006-19.nasl)
Bugtraq ID: 30661321783430836371363733802538026
CVE ID: CVE-2008-4437CVE-2008-6098CVE-2009-0481CVE-2009-0482CVE-2009-0483CVE-2009-0484CVE-2009-0485CVE-2009-0486CVE-2009-1213CVE-2009-3125CVE-2009-3165CVE-2009-3166CVE-2009-3387CVE-2009-3989
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.