Test Kennung:	1.3.6.1.4.1.25623.1.0.11917
Kategorie:	CGI abuses
Titel:	Bugzilla SQL flaws
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote Bugzilla bug tracking system, according to its version number, is vulnerable to various flaws that may let a rogue administrator execute arbitrary SQL commands on this host, and which may allow an attacker to obtain information about bugs marked as being confidential. Solution : Upgrade to 2.16.4 or 2.17.5 Risk factor : Medium
Querverweis:	BugTraq ID: 8953 Common Vulnerability Exposure (CVE) ID: CVE-2003-1046 http://www.securityfocus.com/bid/8953 Bugtraq: 20031103 [BUGZILLA] Security Advisory - SQL injection, information leak (Google Search) http://www.securityfocus.com/archive/1/343185 XForce ISS Database: bugzilla-describecomponents-obtain-info(13602) https://exchange.xforce.ibmcloud.com/vulnerabilities/13602 Common Vulnerability Exposure (CVE) ID: CVE-2003-1045 Conectiva Linux advisory: CLA-2003:774 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000774 XForce ISS Database: bugzilla-obtain-information(13600) https://exchange.xforce.ibmcloud.com/vulnerabilities/13600 Common Vulnerability Exposure (CVE) ID: CVE-2003-1044 XForce ISS Database: bugzilla-groupid-gain-privileges(13597) https://exchange.xforce.ibmcloud.com/vulnerabilities/13597 Common Vulnerability Exposure (CVE) ID: CVE-2003-1043 XForce ISS Database: bugzilla-url-sql-injection(13596) https://exchange.xforce.ibmcloud.com/vulnerabilities/13596 Common Vulnerability Exposure (CVE) ID: CVE-2003-1042 XForce ISS Database: bugzilla-productname-sql-injection(13594) https://exchange.xforce.ibmcloud.com/vulnerabilities/13594
Copyright	This script is Copyright (C) 2003 Tenable Network Security

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.