
Test ID: 1.3.6.1.4.1.25623.1.0.70766
Category: Gentoo Local Security Checks
Title: Gentoo Security Advisory GLSA 201110-03 (bugzilla)
Summary: The remote host is missing updates announced in advisory GLSA 201110-03.
Description:
Summary:
The remote host is missing updates announced in
advisory GLSA 201110-03.

Vulnerability Insight:
Multiple vulnerabilities were found in Bugzilla, the worst of which
leads to privilege escalation.

Solution:
All Bugzilla users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-apps/bugzilla-3.6.6'


NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since August 27, 2011. It is likely that your system is
already no longer affected by this issue.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2010-2761
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053576.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053591.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:237
http://www.mandriva.com/security/advisories?name=MDVSA-2010:250
https://bugzilla.mozilla.org/show_bug.cgi?id=600464
http://openwall.com/lists/oss-security/2010/12/01/1
http://openwall.com/lists/oss-security/2010/12/01/2
http://openwall.com/lists/oss-security/2010/12/01/3
http://osvdb.org/69588
http://osvdb.org/69589
http://www.redhat.com/support/errata/RHSA-2011-1797.html
http://secunia.com/advisories/42877
http://secunia.com/advisories/43033
http://secunia.com/advisories/43068
http://secunia.com/advisories/43147
http://secunia.com/advisories/43165
SuSE Security Announcement: SUSE-SR:2011:001
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
SuSE Security Announcement: SUSE-SR:2011:002
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
SuSE Security Announcement: SUSE-SR:2011:005
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://www.vupen.com/english/advisories/2011/0076
http://www.vupen.com/english/advisories/2011/0207
http://www.vupen.com/english/advisories/2011/0212
http://www.vupen.com/english/advisories/2011/0249
http://www.vupen.com/english/advisories/2011/0271
Common Vulnerability Exposure (CVE) ID: CVE-2010-3172
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050830.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050820.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050813.html
http://www.securitytracker.com/id?1024683
http://secunia.com/advisories/42271
http://www.vupen.com/english/advisories/2010/2878
http://www.vupen.com/english/advisories/2010/2975
Common Vulnerability Exposure (CVE) ID: CVE-2010-3764
XForce ISS Database: bugzilla-graphs-info-disclosure(62969)
https://exchange.xforce.ibmcloud.com/vulnerabilities/62969
Common Vulnerability Exposure (CVE) ID: CVE-2010-4411
http://www.mandriva.com/security/advisories?name=MDVSA-2011:008
http://www.vupen.com/english/advisories/2011/0106
Common Vulnerability Exposure (CVE) ID: CVE-2010-4567
BugTraq ID: 45982
http://www.securityfocus.com/bid/45982
Debian Security Information: DSA-2322
http://www.debian.org/security/2011/dsa-2322
http://osvdb.org/70699
XForce ISS Database: bugzilla-urlfield-xss(65004)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65004
Common Vulnerability Exposure (CVE) ID: CVE-2010-4568
http://osvdb.org/70700
XForce ISS Database: bugzilla-number-security-bypass(65001)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65001
Common Vulnerability Exposure (CVE) ID: CVE-2010-4569
http://yuilibrary.com/forum/viewtopic.php?p=12923
http://yuilibrary.com/projects/yui2/ticket/2529228
http://osvdb.org/70701
XForce ISS Database: bugzilla-realname-xss(65178)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65178
Common Vulnerability Exposure (CVE) ID: CVE-2010-4570
http://osvdb.org/70702
XForce ISS Database: bugzilla-summary-xss(65179)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65179
Common Vulnerability Exposure (CVE) ID: CVE-2010-4572
http://osvdb.org/70703
XForce ISS Database: bugzilla-chartcgi-response-splitting(65440)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65440
Common Vulnerability Exposure (CVE) ID: CVE-2011-0046
http://osvdb.org/70705
http://osvdb.org/70706
http://osvdb.org/70707
http://osvdb.org/70708
http://osvdb.org/70709
http://osvdb.org/70710
XForce ISS Database: bugzilla-unspec-csrf(65003)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65003
Common Vulnerability Exposure (CVE) ID: CVE-2011-0048
http://osvdb.org/70704
XForce ISS Database: bugzilla-url-xss(65005)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65005
Common Vulnerability Exposure (CVE) ID: CVE-2011-2379
BugTraq ID: 49042
http://www.securityfocus.com/bid/49042
http://www.osvdb.org/74297
http://secunia.com/advisories/45501
XForce ISS Database: bugzilla-patch-attachments-xss(69033)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69033
Common Vulnerability Exposure (CVE) ID: CVE-2011-2380
http://www.osvdb.org/74298
http://www.osvdb.org/74299
XForce ISS Database: bugzilla-editing-info-disclosure(69034)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69034
Common Vulnerability Exposure (CVE) ID: CVE-2011-2381
http://www.osvdb.org/74300
XForce ISS Database: bugzilla-attachment-header-injection(69035)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69035
Common Vulnerability Exposure (CVE) ID: CVE-2011-2976
http://www.osvdb.org/74303
XForce ISS Database: bugzilla-buglist-xss(69038)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69038
Common Vulnerability Exposure (CVE) ID: CVE-2011-2977
http://www.osvdb.org/74302
XForce ISS Database: bugzilla-attachments-info-disc(69037)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69037
Common Vulnerability Exposure (CVE) ID: CVE-2011-2978
http://www.osvdb.org/74301
XForce ISS Database: bugzilla-account-sec-bypass(69036)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69036
Common Vulnerability Exposure (CVE) ID: CVE-2011-2979
XForce ISS Database: bugzilla-queries-info-disclosure(69166)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69166
Copyright: Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com
