NI3
11-08-2003, 10:27 AM
Test ID: 11917
Category: CGI abuses
Title: Bugzilla SQL flaws
Summary: Checks for the presence of bugzilla
Description:
The remote Bugzilla bug tracking system, according to its version number, is
vulnerable to various flaws that may let a rogue administrator execute
arbitrary SQL commands on this host, and which may allow an attacker to
obtain information about bugs marked as being confidential.
Solution : Upgrade to 2.16.4 or 2.17.5
Risk factor : Medium
Copyright: This script is Copyright (C) 2003 Tenable Network Security
Cross-Ref: BugTraq ID: 8953
Category: CGI abuses
Title: Bugzilla SQL flaws
Summary: Checks for the presence of bugzilla
Description:
The remote Bugzilla bug tracking system, according to its version number, is
vulnerable to various flaws that may let a rogue administrator execute
arbitrary SQL commands on this host, and which may allow an attacker to
obtain information about bugs marked as being confidential.
Solution : Upgrade to 2.16.4 or 2.17.5
Risk factor : Medium
Copyright: This script is Copyright (C) 2003 Tenable Network Security
Cross-Ref: BugTraq ID: 8953