Gentoo Security Advisory GLSA 200507-12 (bugzilla) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200507-12.

Solution

All Bugzilla users should upgrade to the latest available version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-apps/bugzilla-2.18.3' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200507-12 http://bugs.gentoo.org/show_bug.cgi?id=98348 http://www.bugzilla.org/security/2.18.1/

Insight

Multiple vulnerabilities in Bugzilla could allow remote users to modify bug flags or gain sensitive information.

Severity

Classification

CVE CVE-2005-2173, CVE-2005-2174

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Gentoo Security Advisory GLSA 200406-15 (Usermin)
Gentoo Security Advisory GLSA 200409-31 (jabberd)
Gentoo Security Advisory GLSA 200501-33 (mysql)
Gentoo Security Advisory GLSA 200405-04 (openoffice)
Gentoo Security Advisory GLSA 200411-03 (apache)

Take action and discover your vulnerabilities