FreeBSD : bugzilla -- multiple vulnerabilities (e135f0c9-375f-11e3-80b7-20cf30e32f6d)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

A Bugzilla Security Advisory reports:

Cross-Site Request Forgery
When a user submits changes to a bug right after another user did, a
midair collision page is displayed to inform the user about changes
recently made. This page contains a token which can be used to validate
the changes if the user decides to submit his changes anyway. A
regression in Bugzilla 4.4 caused this token to be recreated if a
crafted URL was given, even when no midair collision page was going to
be displayed, allowing an attacker to bypass the token check and abuse a
user to commit changes on his behalf.

Cross-Site Request Forgery
When an attachment is edited, a token is generated to validate changes
made by the user. Using a crafted URL, an attacker could force the token
to be recreated, allowing him to bypass the token check and abuse a user
to commit changes on his behalf.

Cross-Site Scripting
Some parameters passed to editflagtypes.cgi were not correctly filtered
in the HTML page, which could lead to XSS.

Cross-Site Scripting
Due to an incomplete fix for CVE-2012-4189, some incorrectly filtered
field values in tabular reports could lead to XSS.
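The two CSRF items above share one flaw class: a code path that recreates the anti-CSRF token on demand can be reached by a request that never shows the confirmation page, so the freshly minted token is compared against itself and the check passes. The following is an added, constructed illustration of that class next to the correct handling; it is not Bugzilla code, and the names Session, render_form, flawed_handler and fixed_handler are assumptions for the example.

```python
"""Session-bound CSRF tokens: the 'mint-and-accept' flaw class beside the fix.

Constructed example, not Bugzilla's implementation. A token is only ever
issued while rendering a form; a state-changing request must present it.
"""
import hmac
import secrets

REJECTED = "rejected: missing or invalid token"


class Session:
    """Server-side session; the token lives here, never only in the URL."""

    def __init__(self, user: str) -> None:
        self.user = user
        self.csrf_token = secrets.token_hex(16)


def render_form(session: Session) -> dict:
    """Rendering a form is the single place a token is (re)issued to the user."""
    session.csrf_token = secrets.token_hex(16)
    return {"token": session.csrf_token}


def commit(session: Session, params: dict) -> str:
    """The state change being protected (a bug comment, in the advisory's terms)."""
    return f"committed by {session.user}: {params.get('comment', '')}"


def flawed_handler(session: Session, params: dict) -> str:
    """Flaw class: the branch that recreates the token for a confirmation page
    is reachable by a request that never displays that page, and execution then
    falls through to the commit with a token the server just minted itself."""
    token = params.get("token")
    if token is None:
        # Intended only to feed the "submit anyway?" page; nothing stops the
        # request from continuing to the commit step below.
        session.csrf_token = secrets.token_hex(16)
        token = session.csrf_token
    if not hmac.compare_digest(token, session.csrf_token):
        return REJECTED
    return commit(session, params)


def fixed_handler(session: Session, params: dict) -> str:
    """Fix: a state-changing request must carry the token previously bound to
    the session; the handler never mints one. A missing token is an invalid token."""
    token = params.get("token")
    if token is None or not hmac.compare_digest(token, session.csrf_token):
        return REJECTED
    return commit(session, params)


def demo() -> dict:
    """Run both handlers against a constructed legitimate form post and a
    constructed cross-site post, which cannot read the session's token and
    therefore carries none."""
    results = {}
    for name, handler in (("flawed", flawed_handler), ("fixed", fixed_handler)):
        session = Session("alice")
        legit = {**render_form(session), "comment": "real edit"}
        forged = {"comment": "forged edit"}  # no token: cross-site page cannot see it
        results[name] = {
            "legit": handler(session, legit),
            "forged": handler(session, forged),
        }
    return results


if __name__ == "__main__":
    for handler_name, outcome in demo().items():
        print(handler_name, outcome)
```

The fixed handler treats "no token" exactly like "wrong token" and uses hmac.compare_digest so the comparison does not leak timing. When reviewing a form handler for this class, look for any path that assigns a new token inside the request that also performs the write.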

See also :

https://bugzilla.mozilla.org/show_bug.cgi?id=911593
https://bugzilla.mozilla.org/show_bug.cgi?id=913904
https://bugzilla.mozilla.org/show_bug.cgi?id=924802
https://bugzilla.mozilla.org/show_bug.cgi?id=924932
http://www.nessus.org/u?fe187254

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 70485

Bugtraq ID:

CVE ID: CVE-2013-1733
CVE-2013-1734
CVE-2013-1742
CVE-2013-1743
