FreeBSD Ports: Bugzilla Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://www.bugzilla.org/security/3.4.3/ http://www.vuxml.org/freebsd/92ca92c1-d859-11de-89f9-001517351c22.html

Insight

The following package is affected: bugzilla CVE-2009-3386 Template.pm in Bugzilla 3.3.2 through 3.4.3 and 3.5 through 3.5.1 allows remote attackers to discover the alias of a private bug by reading the (1) Depends On or (2) Blocks field of a related bug.

Severity

Classification

CVE CVE-2009-3386
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

FreeBSD Ports: alsaplayer
FreeBSD Ports: apr1
FreeBSD Ports: bzip2
FreeBSD Ports: apache
FreeBSD Ports: bogofilter, bogofilter-qdbm, bogofilter-tdb, ru-bogofilter

FreeBSD Ports: bugzilla

Take action and discover your vulnerabilities