FreeBSD : bugzilla -- multiple vulnerabilities (1c8a039b-7b23-11e2-b17b-20cf30e32f6d)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

A Bugzilla Security Advisory reports:

Cross-Site Scripting (CVE-2013-0785): When viewing a single bug report,
which is the default, the bug ID is validated and rejected if it is
invalid. But when viewing several bug reports at once, which is
specified by the format=multiple parameter, invalid bug IDs can go
through and are sanitized in the HTML page itself. But when an invalid
page format is passed to the CGI script, the wrong HTML page is called
and the data are not correctly sanitized, which can lead to XSS.

Information Leak (CVE-2013-0786): When running a query in debug mode,
the generated SQL query used to collect the data is displayed. The way
this SQL query is built permits the user to determine whether some
confidential field value (such as a product name) exists. This problem
only affects Bugzilla 4.0.9 and older. Newer releases are not affected
by this issue.
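The XSS pattern described above (input validated on one code path, passed
through to templates on another, and an unexpected format selecting a
template that does not escape) is illustrated below with an added Python
example. This is not Bugzilla's code or Tenable's plugin logic; the
handler names show_bug_vulnerable, show_bug_hardened, the template
functions and the constructed request dictionaries are hypothetical
stand-ins for show_bug.cgi and its templates.

```python
import html
import re

# Constructed XSS probe used as the "bug id" value; not a real request.
PAYLOAD = '<script>alert(1)</script>'

BUG_ID_RE = re.compile(r'^[0-9]+$')


class BadRequest(Exception):
    """Raised when the handler rejects the request before rendering."""


def render_single(ids):
    # Hypothetical single-bug template: relies on the caller having
    # validated the id as numeric, so it does not escape.
    return '<h1>Bug %s</h1>' % ids[0]


def render_multiple(ids):
    # Hypothetical format=multiple template: escapes each id itself.
    return ''.join('<div class="bug">%s</div>' % html.escape(i) for i in ids)


def render_fallback(ids):
    # Stand-in for "the wrong HTML page": it assumes its input is clean
    # and emits the ids unescaped.
    return '<pre>%s</pre>' % ', '.join(ids)


# Known multi-bug formats. Anything else falls through to render_fallback
# in the vulnerable dispatcher.
TEMPLATES = {'multiple': render_multiple}


def show_bug_vulnerable(params):
    """Dispatcher modelled on the advisory's description of the flaw."""
    ids = params.get('id', [])
    fmt = params.get('format')
    if fmt is None:
        # Single-bug view: id is validated and rejected if invalid.
        if len(ids) != 1 or not BUG_ID_RE.match(ids[0]):
            raise BadRequest('invalid bug id')
        return render_single(ids)
    # Multi-bug views: ids pass through unvalidated; the template is
    # expected to escape them. An unknown format picks a template that
    # does not, so the raw id reaches the page.
    return TEMPLATES.get(fmt, render_fallback)(ids)


def show_bug_hardened(params):
    """Same dispatcher with validation moved to the entry point."""
    ids = params.get('id', [])
    fmt = params.get('format')
    # Reject unknown formats instead of falling back to another template.
    if fmt is not None and fmt not in TEMPLATES:
        raise BadRequest('unknown format')
    # Validate every id on every code path, not only the default one.
    if not ids or any(not BUG_ID_RE.match(i) for i in ids):
        raise BadRequest('invalid bug id')
    if fmt is None:
        return render_single(ids)
    return TEMPLATES[fmt](ids)


def reflects_unescaped(handler, params, payload):
    """True if the handler echoes payload verbatim; False if it escapes
    it or rejects the request."""
    try:
        return payload in handler(params)
    except BadRequest:
        return False


if __name__ == '__main__':
    probe = {'id': [PAYLOAD], 'format': 'bogus'}
    print('vulnerable reflects payload:', reflects_unescaped(show_bug_vulnerable, probe, PAYLOAD))
    print('hardened reflects payload:  ', reflects_unescaped(show_bug_hardened, probe, PAYLOAD))
```

The point of the hardened version is that output escaping inside individual templates is not a substitute for validating the bug ID once, at the request boundary, and for refusing unknown format values rather than routing them to whatever template happens to match.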

See also :

https://bugzilla.mozilla.org/show_bug.cgi?id=842038
https://bugzilla.mozilla.org/show_bug.cgi?id=824399
http://www.nessus.org/u?76860869

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 64742

Bugtraq ID:

CVE ID: CVE-2013-0785
CVE-2013-0786
