Bug 445820 (CVE-2008-2105)

Summary: CVE-2008-2105 bugzilla: Account Impersonation via email interface
Product: [Other] Security Response Reporter: Tomas Hoger <thoger>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: john
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2105
Whiteboard:
Fixed In Version: 3.0.4-1.fc9 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-05-13 15:27:00 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 445821, 445822, 445823    
Bug Blocks:    

Description Tomas Hoger 2008-05-09 10:00:54 UTC 
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-2105 to the following vulnerability:

email_in.pl in Bugzilla 2.23.4, and later versions before 3.0, allows remote authenticated users to more easily spoof the changer of a bug via a @reporter command in the body of an e-mail message, which overrides the e-mail address as normally obtained from the From e-mail header.  NOTE: since From headers are easily spoofed, this only crosses privilege boundaries in environments that provide additional verification of e-mail addresses.

Fixed upstream in: 3.0.4, 3.1.4, 2.22.4, and 2.20.6

Refences:
http://www.bugzilla.org/security/2.20.5/
https://bugzilla.mozilla.org/show_bug.cgi?id=419188
http://www.securityfocus.com/bid/29038
http://www.frsirt.com/english/advisories/2008/1428/references
http://www.securitytracker.com/id?1019969
http://secunia.com/advisories/30064
Comment 2 Fedora Update System 2008-05-09 14:05:28 UTC 
bugzilla-3.0.4-1.fc7 has been submitted as an update for Fedora 7
Comment 3 Fedora Update System 2008-05-09 14:06:49 UTC 
bugzilla-3.0.4-1.fc8 has been submitted as an update for Fedora 8
Comment 4 Fedora Update System 2008-05-09 14:08:03 UTC 
bugzilla-3.0.4-1.fc9 has been submitted as an update for Fedora 9
Comment 5 Fedora Update System 2008-05-10 13:51:21 UTC 
bugzilla-3.0.4-1.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 6 Fedora Update System 2008-05-10 13:57:26 UTC 
bugzilla-3.0.4-1.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 7 Red Hat Product Security 2008-05-13 15:04:47 UTC 
This issue was addressed in:

Fedora:
  https://admin.fedoraproject.org/updates/F7/FEDORA-2008-3488
  https://admin.fedoraproject.org/updates/F8/FEDORA-2008-3442
  https://admin.fedoraproject.org/updates/F9/FEDORA-2008-3668
Comment 8 Fedora Update System 2008-05-13 15:26:43 UTC 
bugzilla-3.0.4-1.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.