[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Re: CVE request: Bugzilla (Unauthorized Bug Change, XSS, Account Impersonation)
From:       Hanno =?utf-8?q?B=C3=B6ck?= <hanno () hboeck ! de>
Date:       2008-05-13 11:07:11
Message-ID: 200805131307.11637.hanno () hboeck ! de
[Download RAW message or body]


Am Mittwoch 07 Mai 2008 schrieb Steven M. Christey:
> ======================================================
> Name: CVE-2008-2104
> Status: Candidate
> URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2104
> Reference: CONFIRM:http://www.bugzilla.org/security/2.20.5/
> Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=415471
> Reference: BID:29038
> Reference: URL:http://www.securityfocus.com/bid/29038
> Reference: FRSIRT:ADV-2008-1428
> Reference:
> URL:http://www.frsirt.com/english/advisories/2008/1428/references
> Reference: SECTRACK:1019968
> Reference: URL:http://www.securitytracker.com/id?1019968
> Reference: SECUNIA:30064
> Reference: URL:http://secunia.com/advisories/30064
> Reference: XF:bugzilla-xmlrpc-security-bypass(42218)
> Reference: URL:http://xforce.iss.net/xforce/xfdb/42218
>
> The WebService in Bugzilla before 3.1.3 allows remote authenticated
> users without canconfirm privileges to create NEW or ASSIGNED bug
> entries via a request to the XML-RPC interface, which bypasses the
> canconfirm check.

I think this should be "3.1.3 and before" ?
As 3.1.3 is also affected according to the upstream advisory.

-- 
Hanno Böck		Blog:		http://www.hboeck.de/
GPG: 3DBD3B20		Jabber/Mail:	hanno@hboeck.de

["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]