Bugzilla < 2.18.1 Multiple Information Disclosures

low Nessus Plugin ID 18245

Synopsis

The remote web server contains a CGI script that suffers from information disclosure vulnerabilities.

Description

According to its banner, the remote host is running a version of Bugzilla that reportedly may include passwords in the web server logs because it embeds a user's password in a report URL if the user is prompted to log in while viewing a chart. It also allows users to learn whether an invisible product exists in Bugzilla because the application uses one error message if it does not and another if it does but access is denied. And finally, it lets users enter bugs even when the bug entry is closed provided a valid product name is used.

Solution

Upgrade to Bugzilla 2.18.1 or later.

See Also

https://www.bugzilla.org/security/2.16.8/

Plugin Details

Severity: Low

ID: 18245

File Name: bugzilla_auth_info_disclosure.nasl

Version: 1.23

Type: remote

Family: CGI abuses

Published: 5/12/2005

Updated: 4/11/2022

Configuration: Enable paranoid mode, Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.8

Vector: CVSS2#AV:N/AC:H/Au:S/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:mozilla:bugzilla

Required KB Items: installed_sw/Bugzilla, Settings/ParanoidReport

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 5/12/2005

Reference Information

CVE: CVE-2005-1563, CVE-2005-1564, CVE-2005-1565

BID: 13605, 13606