ID de Prueba:	1.3.6.1.4.1.25623.1.0.11917
Categoría:	CGI abuses
Título:	Bugzilla SQL flaws
Resumen:	NOSUMMARY
Descripción:	Description: The remote Bugzilla bug tracking system, according to its version number, is vulnerable to various flaws that may let a rogue administrator execute arbitrary SQL commands on this host, and which may allow an attacker to obtain information about bugs marked as being confidential. Solution : Upgrade to 2.16.4 or 2.17.5 Risk factor : Medium
Referencia Cruzada:	BugTraq ID: 8953 Common Vulnerability Exposure (CVE) ID: CVE-2003-1046 http://www.securityfocus.com/bid/8953 Bugtraq: 20031103 [BUGZILLA] Security Advisory - SQL injection, information leak (Google Search) http://www.securityfocus.com/archive/1/343185 XForce ISS Database: bugzilla-describecomponents-obtain-info(13602) https://exchange.xforce.ibmcloud.com/vulnerabilities/13602 Common Vulnerability Exposure (CVE) ID: CVE-2003-1045 Conectiva Linux advisory: CLA-2003:774 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000774 XForce ISS Database: bugzilla-obtain-information(13600) https://exchange.xforce.ibmcloud.com/vulnerabilities/13600 Common Vulnerability Exposure (CVE) ID: CVE-2003-1044 XForce ISS Database: bugzilla-groupid-gain-privileges(13597) https://exchange.xforce.ibmcloud.com/vulnerabilities/13597 Common Vulnerability Exposure (CVE) ID: CVE-2003-1043 XForce ISS Database: bugzilla-url-sql-injection(13596) https://exchange.xforce.ibmcloud.com/vulnerabilities/13596 Common Vulnerability Exposure (CVE) ID: CVE-2003-1042 XForce ISS Database: bugzilla-productname-sql-injection(13594) https://exchange.xforce.ibmcloud.com/vulnerabilities/13594
Copyright	This script is Copyright (C) 2003 Tenable Network Security

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.