CGI abuses : Bugzilla Authentication Bypass and Information Disclosure

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.15562
Category:	CGI abuses
Title:	Bugzilla Authentication Bypass and Information Disclosure
Summary:	NOSUMMARY
Description:	Description: The remote Bugzilla bug tracking system, according to its version number, is vulnerable to various flaws that may let an attacker bypass its authorizations or to get access to private bug reports. Solution : Upgrade to 2.16.7 or 2.18.0rc3 Risk factor : High
Cross-Ref:	BugTraq ID: 11511 Common Vulnerability Exposure (CVE) ID: CVE-2004-1635 http://www.securityfocus.com/bid/11511 Bugtraq: 20041025 [BUGZILLA] Vulnerabilities in Bugzilla 2.16.6 and 2.18rc2 (Google Search) http://marc.info/?l=bugtraq&m=109872095201238&w=2 XForce ISS Database: bugzila-metadata-information-disclosure(17842) https://exchange.xforce.ibmcloud.com/vulnerabilities/17842 Common Vulnerability Exposure (CVE) ID: CVE-2004-1634 XForce ISS Database: bugzilla-xml-information-disclosure(17841) https://exchange.xforce.ibmcloud.com/vulnerabilities/17841
Copyright	This script is Copyright (C) 2004 Tenable Network Security