This host is running Bugzilla and is prone to information disclosure vulnerability.
Successful exploitation will allow attackers to read sensitive configuration fields. Impact Level: Application
Upgrade to Bugzilla version 3.6.1, 3.7.1 or later, For updates refer to http://www.bugzilla.org/download/
The flaw is due to an error in 'install/Filesystem.pm', which uses world readable permissions for the localconfig files via the database password field and the site_wide_secret field.
Bugzilla version 3.5.1 to 3.6 and 3.7
- Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
- MODx Local File Include and Cross Site Scripting Vulnerabilities
- Nagios XI 'users.php' Multiple Cross-Site Scripting Vulnerabilities
- MantisBT 'adm_config_report.php' Cross-Site Scripting Vulnerability - January15
- phpGraphy 'theme_dir' Parameter Cross Site Scripting Vulnerability