FreeBSD : bugzilla -- multiple vulnerabilities (dc8741b9-c5d5-11e0-8a8e-00151735203a)

Medium Nessus Plugin ID 55847


Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

A Bugzilla Security Advisory reports:

The following security issues have been discovered in Bugzilla:

- Internet Explorer 8 and older, and Safari before 5.0.6 do content sniffing when viewing a patch in 'Raw Unified' mode, which could trigger a cross-site scripting attack due to the execution of malicious code in the attachment.

- It is possible to determine whether or not certain group names exist while creating or updating bugs.

- Attachment descriptions with a newline in them could lead to the injection of crafted headers in email notifications sent to the requestee or the requester when editing an attachment flag.

- If an attacker has access to a user's session, he can modify that user's email address without that user being notified of the change.

- Temporary files for uploaded attachments are not deleted on Windows, which could let a user with local access to the server read them.

- Up to Bugzilla 3.4.11, if a BUGLIST cookie is compromised, it can be used to inject HTML code when viewing a bug report, leading to a cross-site scripting attack.

All affected installations are encouraged to upgrade as soon as possible.

Solution

Update the affected packages.

See Also

https://bugzilla.mozilla.org/show_bug.cgi?id=637981

https://bugzilla.mozilla.org/show_bug.cgi?id=653477

https://bugzilla.mozilla.org/show_bug.cgi?id=674497

https://bugzilla.mozilla.org/show_bug.cgi?id=657158

https://bugzilla.mozilla.org/show_bug.cgi?id=670868

https://bugzilla.mozilla.org/show_bug.cgi?id=660502

https://bugzilla.mozilla.org/show_bug.cgi?id=660053

http://www.nessus.org/u?65bad0b4

Plugin Details

Severity: Medium

ID: 55847

File Name: freebsd_pkg_dc8741b9c5d511e08a8e00151735203a.nasl

Version: 1.9

Type: local

Published: 2011/08/15

Updated: 2021/01/06

Dependencies: 12634

Risk Information

Risk Factor: Medium

VPR Score: 3.4

CVSS v2.0

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:bugzilla, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2011/08/13

Vulnerability Publication Date: 2011/08/04

Reference Information

CVE: CVE-2011-2379, CVE-2011-2380, CVE-2011-2381, CVE-2011-2976, CVE-2011-2977, CVE-2011-2978, CVE-2011-2979