Bug 561796 - (CVE-2009-3387, CVE-2009-3989) CVE-2009-3387 CVE-2009-3989 bugzilla: Sensitive information disclosure via various attack vectors
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: low
Severity: low
Assigned To: Red Hat Product Security
Whiteboard: impact=low,source=cve,reported=201002...
Keywords: Security
Reported: 2010-02-04 05:44 EST by Jan Lieskovsky
Modified: 2015-08-22 11:56 EDT
Doc Type: Bug Fix
Last Closed: 2015-08-22 11:56:19 EDT
Attachments: None
Description Jan Lieskovsky 2010-02-04 05:44:30 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-3387 to
the following vulnerability:

Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow group
restrictions to be preserved throughout the process of moving a bug to
a different product category, which allows remote attackers to obtain
sensitive information via a request for a bug in opportunistic
circumstances.

References:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3387
  http://www.securityfocus.com/archive/1/archive/1/509282/100/0/threaded
  https://bugzilla.mozilla.org/show_bug.cgi?id=532493
  http://www.securityfocus.com/bid/38026
  http://secunia.com/advisories/38443
  http://www.vupen.com/english/advisories/2010/0261
  http://xforce.iss.net/xforce/xfdb/56004

--

Common Vulnerabilities and Exposures assigned an identifier CVE-2009-3989 to
the following vulnerability:

Bugzilla before 3.0.11, 3.2.x before 3.2.6, 3.4.x before 3.4.5, and
3.5.x before 3.5.3 does not block access to files and directories that
are used by custom installations, which allows remote attackers to
obtain sensitive information via requests for (1) CVS/, (2) contrib/,
(3) docs/en/xml/, (4) t/, or (5) old-params.txt.

References:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3989
  http://www.securityfocus.com/archive/1/archive/1/509282/100/0/threaded
  https://bugzilla.mozilla.org/show_bug.cgi?id=314871
  https://bugzilla.mozilla.org/show_bug.cgi?id=434801
  http://www.securityfocus.com/bid/38025
  http://secunia.com/advisories/38443
  http://www.vupen.com/english/advisories/2010/0261
  http://xforce.iss.net/xforce/xfdb/56003
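For CVE-2009-3989 the exposure is a web-server configuration gap: source-control metadata, contributed helper scripts, documentation sources, the test suite and a legacy parameter dump sit under the document root and are served on request. The following Apache configuration is an added example, not the Bugzilla project's own fix and not part of this bug report; it denies HTTP access to the five paths named in the CVE text. It assumes Bugzilla is installed at /var/www/bugzilla (a placeholder path) and Apache 2.2 with mod_access (the `Order`/`Deny` directives); on Apache 2.4 replace each `Order`/`Deny` pair with `Require all denied`. It goes slightly beyond the CVE text in that the directory regex also matches nested CVS/ directories, which a CVS checkout places in every subdirectory.

```apache
# Added example: deny web access to files Bugzilla keeps under its
# document root but never needs to serve (paths from the CVE-2009-3989
# description). /var/www/bugzilla is a placeholder; use your install path.

# Directories: CVS/ (checkout metadata), contrib/ (helper scripts),
# t/ (test suite). The optional (.*/)? prefix also catches nested
# occurrences, e.g. the CVS/ directory inside every subdirectory.
<DirectoryMatch "^/var/www/bugzilla/(.*/)?(CVS|contrib|t)(/|$)">
    Order allow,deny
    Deny from all
</DirectoryMatch>

# Documentation sources: docs/en/xml/ (the rendered HTML docs, if any,
# live elsewhere and remain reachable).
<Directory "/var/www/bugzilla/docs/en/xml">
    Order allow,deny
    Deny from all
</Directory>

# Single file: old-params.txt, a dump of previous installation
# parameters written during upgrades.
<Directory "/var/www/bugzilla">
    <Files "old-params.txt">
        Order allow,deny
        Deny from all
    </Files>
</Directory>
```

Run `apachectl configtest` before reloading; after a graceful reload a request for any of those paths should return 403 rather than a listing or file body. The directives only block web access: the files stay on disk, so checksetup.pl and the test suite keep working. The same deny rules can be dropped into per-directory .htaccess files if the server has `AllowOverride Limit` enabled for the Bugzilla tree.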
Comment 1 Jan Lieskovsky 2010-02-04 05:54:59 EST
These issues have already been addressed for the versions of the
bugzilla package as shipped with Fedora releases 11 (the version
fixing the issue was bugzilla-3.2.6-1.fc11) and 12 (the version fixing
the issue was bugzilla-3.4.5-1.fc12).

But these flaws are still present in the versions of the bugzilla
package as shipped with Extra Packages for Enterprise Linux --
the EPEL-4 and EPEL-5 Fedora projects. Though versions bugzilla-3.2.4-1.el4
and bugzilla-3.2.4-2.el5 seem to already contain the fix for CVE-2009-3387
(the patch from https://bugzilla.mozilla.org/attachment.cgi?id=415719
seems to be already included), they are missing the fix for CVE-2009-3989
(the patch from https://bugzilla.mozilla.org/show_bug.cgi?id=434801,
https://bugzilla.mozilla.org/attachment.cgi?id=419687).

Please collect the patches for the CVE-2009-3387 and CVE-2009-3989 flaws
(see the References part above) and update the versions of the bugzilla
package as shipped in EPEL with them.

Thanks.
