FreeBSD : bugzilla -- multiple vulnerabilities (dc8741b9-c5d5-11e0-8a8e-00151735203a)

medium Nessus Plugin ID 55847
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

A Bugzilla Security Advisory reports :

The following security issues have been discovered in Bugzilla :

- Internet Explorer 8 and older, and Safari before 5.0.6 do content sniffing when viewing a patch in 'Raw Unified' mode, which could trigger a cross-site scripting attack due to the execution of malicious code in the attachment.

- It is possible to determine whether or not certain group names exist while creating or updating bugs.

- Attachment descriptions with a newline in them could lead to the injection of crafted headers in email notifications sent to the requestee or the requester when editing an attachment flag.

- If an attacker has access to a user's session, he can modify that user's email address without that user being notified of the change.

- Temporary files for uploaded attachments are not deleted on Windows, which could let a user with local access to the server read them.

- Up to Bugzilla 3.4.11, if a BUGLIST cookie is compromised, it can be used to inject HTML code when viewing a bug report, leading to a cross-site scripting attack.

All affected installations are encouraged to upgrade as soon as possible.

Solution

Update the affected packages.

See Also

https://bugzilla.mozilla.org/show_bug.cgi?id=637981

https://bugzilla.mozilla.org/show_bug.cgi?id=653477

https://bugzilla.mozilla.org/show_bug.cgi?id=674497

https://bugzilla.mozilla.org/show_bug.cgi?id=657158

https://bugzilla.mozilla.org/show_bug.cgi?id=670868

https://bugzilla.mozilla.org/show_bug.cgi?id=660502

https://bugzilla.mozilla.org/show_bug.cgi?id=660053

http://www.nessus.org/u?65bad0b4

Plugin Details

Severity: Medium

ID: 55847

File Name: freebsd_pkg_dc8741b9c5d511e08a8e00151735203a.nasl

Version: 1.9

Type: local

Published: 8/15/2011

Updated: 1/6/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:bugzilla, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 8/13/2011

Vulnerability Publication Date: 8/4/2011

Reference Information

CVE: CVE-2011-2379, CVE-2011-2380, CVE-2011-2381, CVE-2011-2976, CVE-2011-2977, CVE-2011-2978, CVE-2011-2979