Technical Description

Two vulnerabilities have been identified in Bugzilla, which could be exploited by attackers to execute arbitrary scripting code or gain knowledge of sensitive information.

The first issue is due to an input validation error when processing certain fields within generated Atom feeds, which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected Web site.

The second vulnerability is due to an error in the embedded "mod_perl" initialization script that does not set proper permissions for ".htaccess" files, which could be exploited by attackers to bypass htaccess rectrictions and gain unauthorized access to the localconfig file.

Affected Products

Bugzilla versions prior to 2.20.4
Bugzilla versions prior to 2.22.2
Bugzilla versions prior to 2.23.4

Solution

Upgrade to Bugzilla version 2.20.4, 2.22.2, or 2.23.4 :
http://www.bugzilla.org/download/

References

http://www.vupen.com/english/advisories/2007/0477
https://bugzilla.mozilla.org/show_bug.cgi?id=367674
https://bugzilla.mozilla.org/show_bug.cgi?id=367071

Credits

Vulnerabilities reported by Frédéric Buclin, Dave Miller, Olav Vitters, and Max Kanat-Alexander.

ChangeLog

2007-02-05 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.