The remote host is missing an update to the system as announced in the referenced advisory.

Update your system with the appropriate patches or software upgrades. https://bugzilla.mozilla.org/show_bug.cgi?id=309952 https://bugzilla.mozilla.org/show_bug.cgi?id=561797 http://www.vuxml.org/freebsd/f1331504-8849-11df-89b8-00151735203a.html

The following package is affected: bugzilla CVE-2010-1204 Search.pm in Bugzilla 2.17.1 through 3.2.6, 3.3.1 through 3.4.6, 3.5.1 through 3.6, and 3.7 allows remote attackers to obtain potentially sensitive time-tracking information via a crafted search URL, related to a 'boolean chart search.' CVE-2010-0180 Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when use_suexec is enabled, uses world-readable permissions for the localconfig files, which allows local users to read sensitive configuration fields, as demonstrated by the database password field and the site_wide_secret field.