
List:       novalug
Subject:    [ma-linux] Fw: [@stake Advisory] Remote Vulnerabilities in Bugzilla (A043001-1)
From:       "Dave Aitel" <daitel () atstake ! com>
Date:       2001-04-30 20:31:54

FYI.
-dave

----- Original Message -----
From: "@stake advisories" <advisories@atstake.com>
To: "advisory-announce" <advisory-announce@lists.atstake.com>
Sent: Monday, April 30, 2001 4:23 PM
Subject: [@stake Advisory] Remote Vulnerabilities in Bugzilla (A043001-1)


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
>                                @stake, Inc.
>                              www.atstake.com
>
>                       Security Advisory Notification
>
>
> Advisory Name: Remote Vulnerabilities in Bugzilla
>   Release Date: 04/30/2001
>    Application: Bugzilla (2.10)
>       Platform: Unix or any other platform supporting perl CGI scripts and
>                 MySQL (most often Unix+Apache)
>       Severity: Remote users could execute arbitrary commands as the web
>                 server user, view unauthorized information.
>        Authors: Dave Aitel [daitel@atstake.com],
>                 Andrew Danforth [acd@atstake.com]
> Vendor Status: Vendor has fixed version
> CVE Candidate: CAN-2001-0329, CAN-2001-0330
>      Reference: www.atstake.com/research/advisories/2001/a043001-1.txt
>
>
> Executive Summary:
>
> Bugzilla is a web-based bug (and enhancement) tracking engine built over
> MySQL. It's often used for distributed OpenSource development, but is used
> by corporations (both internally and externally) as well. A bug in
> Bugzilla allows remote users who have registered with shell characters in
> their email addresses to execute commands on the web server as an
> unprivileged user.
>
>
> Overview:
>
> The attack is to register as a user named "|somecommand;@yourdomain.com"
> (root access at yourdomain.com _may_ be required.) Then submit a bug.
>
> It is prudent to segment Bugzilla (or otherwise interactive
> web sites) from code repository and download sites. This would prevent
> this, or future bugs from compromising the source tree or distribution
> binaries of an OpenSource or collaborative project.
>
>
> Vendor Response:
>
> Vendor has released a new release, Bugzilla 2.12, that addresses these
> problems:
>
> http://ftp.mozilla.org/pub/webtools/bugzilla-2.12.tar.gz
>
>
> Advisory Reference:
>
> http://www.atstake.com/research/advisories/2001/a043001-1.txt
>
> ** The advisory contains additional information.  We encourage those
> ** affected by this issue to read the advisory.
> **
> ** All vulnerability database maintainers should reference the above
> ** advisory reference URL to refer to this advisory.
>
> |-----------------------------------------------------------------------
>
> @stake Advisory Announcement mailing list:
>
> If you wish to receive announcement messages when new @stake advisories
> are released you can subscribe to our advisory-announce mailing
> list. To subscribe to advisory-announce@lists.atstake.com, send an
> (empty) message to:
>
>              advisory-announce-subscribe@lists.atstake.com.
>
>
> Last 5 @stake Advisories
>
> 04.16.01
> iPlanet Web Server Enterprise Edition 4.0, 4.1 Response Header Overflow
> http://www.atstake.com/research/advisories/2001/a041601-1.txt
>
> 04.13.01
> Netscape SmartDownload Overflow
> http://www.atstake.com/research/advisories/2001/a041301-1.txt
>
> 04.09.01
> Windows PGP (Pretty Good Privacy) ASCII Armor Parser Vulnerability
> http://www.atstake.com/research/advisories/2001/a040901-1.txt
>
> 04.03.01
> Multiple Information Disclosure Issues with G6 FTP Server
> http://www.atstake.com/research/advisories/2001/a040301-1.txt
>
> 03.07.01
> Netscape Directory Server Buffer Overflow
> http://www.atstake.com/research/advisories/2001/a030701-1.txt
>
>
> Advisory policy: http://www.atstake.com/research/policy/
> For more advisories: http://www.atstake.com/research/advisories/
> PGP Key: http://www.atstake.com/research/pgp_key.asc
>
> Copyright 2001 @stake, Inc. All rights reserved.
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 7.0
>
> iQA/AwUBOu3Jm1ESXwDtLdMhEQJ/EgCfZKa6BX03fzscHWrbZD5h0pyDcDAAniZq
> 2aoAu6IDCozfaeDAoPEQ2eTz
> =JkqZ
> -----END PGP SIGNATURE-----
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: advisory-announce-unsubscribe@lists.atstake.com
> For additional commands, e-mail: advisory-announce-help@lists.atstake.com
>
>

_______________________________________________
ma-linux mailing list
ma-linux@tux.org
http://www.tux.org/mailman/listinfo/ma-linux
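As an added, defender-side example that is not part of the advisory, of Bugzilla's code, or of this mailing list post, the Python below shows the two controls the Overview implies: an allowlist check on registered addresses (also usable to audit an existing user table for accounts registered with shell characters), and handing the recipient to sendmail as an argv element so that no shell ever sees it. The `shlex` tokeniser call only illustrates how a POSIX shell would split a command line built by string concatenation; nothing is executed. The mailer path `/usr/sbin/sendmail` and its `-oi` flag are assumptions about the local mailer, the sample user list is constructed, and `send_mail` is shown but not run.

```python
import re
import shlex
import subprocess
from typing import Iterable, List

# Allowlist for addresses a bug tracker will hand to sendmail. Deliberately
# stricter than RFC 5322: ordinary addresses pass, and every character a
# shell could interpret (|, ;, &, $, backticks, quotes, whitespace, ...)
# is rejected. The first character cannot be '-', so the address can never
# be parsed as a sendmail option either.
ADDRESS_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._%+-]*@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def is_safe_address(addr: str) -> bool:
    """True if addr matches the allowlist and is safe to pass as one argv element."""
    return ADDRESS_RE.fullmatch(addr) is not None


def shell_tokens(cmdline: str) -> List[str]:
    """Tokenise cmdline the way a POSIX shell would, treating |;&<>() as operators.

    Only used to show why a shell-interpolated command line is unsafe;
    nothing here is executed.
    """
    lexer = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    return list(lexer)


def build_sendmail_argv(recipient: str, sendmail: str = "/usr/sbin/sendmail") -> List[str]:
    """Argument vector for delivering to recipient without involving a shell.

    The mailer path and the -oi flag are assumptions about the local mailer.
    """
    if not is_safe_address(recipient):
        raise ValueError(f"refusing to mail to unsafe address: {recipient!r}")
    return [sendmail, "-oi", recipient]


def send_mail(recipient: str, message: bytes) -> None:
    """Deliver message by executing sendmail directly (argv list, no shell)."""
    subprocess.run(build_sendmail_argv(recipient), input=message, check=True)


def suspicious_addresses(registered: Iterable[str]) -> List[str]:
    """Audit an existing user table: return every address that fails the allowlist."""
    return [a for a in registered if not is_safe_address(a)]


if __name__ == "__main__":
    # Constructed sample of registered users; the second entry is the
    # pattern named in the advisory's Overview.
    users = ["alice@example.org", "|somecommand;@yourdomain.com", "bob.smith@example.net"]
    print("flagged:", suspicious_addresses(users))
    # What a shell would have made of a concatenated command line:
    print(shell_tokens("/usr/sbin/sendmail " + users[1]))
    # What the mailer actually receives when argv is used instead:
    print(build_sendmail_argv(users[0]))
```

The tokeniser output is the whole point of the fix: once the address is glued into a string, the shell sees a pipe, a separate command and a `;`, whereas with an argv list the entire address reaches sendmail as a single argument and the allowlist rejects it before that anyway.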
