Test ID:	1.3.6.1.4.1.25623.1.0.51477
Category:	Conectiva Local Security Checks
Title:	Conectiva Security Advisory CLA-2003:774
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory CLA-2003:774. Bugzilla[1] is a bug tracking system used by many software projects. Several vulnerabilities have been announced[2] and are being fixed in this update. 1. SQL injection in collectstats.pl [3] An user with 'editproducts' privileges (usually an administrator) can select arbitrary SQL commands to be run by the nightly statistics cron job (collectstats.pl) by giving a product a carefully crafted name. 2. SQL injection in editkeywords [4] An user with 'editkeywords' privileges (usually an administrator) can inject arbitrary SQL commands via the URL used to edit an existing keyword. 3. Privilege mishandling [5] When deleting products and the 'usebuggroups' parameter is on, the privilege which allows someone to add people to the group which is being deleted does not get removed, allowing users with that privilege to get that privilege for the next group that is created which reuses that group ID. This only allows someone who had been granted privileges in the past to retain them. 4. Information leak [6] If the email address of someone who has voted on a restricted ticket is known, the script_summary( of that ticket can be accessed by users which would usually have no such privileges. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:774 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003 Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.