Bugzilla Directory Access Information Disclosure
Medium Nessus Plugin ID 44426
SynopsisA CGI hosted on the remote web server is affected by an information
DescriptionThe version of Bugzilla hosted on the remote web server allows an
unauthenticated, remote attacker to list the contents of directories
such as '/contrib/', which could contain sensitive information.
SolutionUpgrade to Bugzilla version 3.5.3 / 3.4.5 / 3.2.6 / 3.0.11 or later
and make sure permissions are set accordingly.