Bugzilla login data redirection information disclosure

bugzilla-login-data-redirection (24821) The risk level is classified as Medium Risk

Description:

Bugzilla could allow a remote attacker to obtain Bugzilla user credentials. An attacker could create a specially-crafted Bugzilla login URL that would send user credentials to a malicious server when logging in to Bugzilla. An attacker could use these credentials to gain unauthorized access to sensitive information.

Platforms Affected:

  • Mozilla, Bugzilla 2.19.3
  • Mozilla, Bugzilla 2.20
  • Mozilla, Bugzilla 2.20 rc2
  • Mozilla, Bugzilla 2.20 rc1
  • Mozilla, Bugzilla 2.21
  • Mozilla, Bugzilla 2.21.1
  • Mozilla, Bugzilla 2.21.2

Remedy:

Upgrade to a fixed version of Bugzilla (2.18.4 or later, 2.20 or later, or 2.21.1 or later), as listed in the Bugzilla Security Advisory dated February 20, 2006. See References.

Consequences:

Obtain Information

References:

  • Bugzilla Security Advisory February 20, 2006, 2.18.4, 2.20, and 2.21.1 Security Advisory at http://www.bugzilla.org/security/2.18.4/.
  • Mozilla Bugzilla Bug 325079, The login form on the Bugzilla home page may redirect your login and password to another site at https://bugzilla.mozilla.org/show_bug.cgi?id=325079.
  • BID-16745: Bugzilla User Credentials Information Disclosure Vulnerability
  • CVE-2006-0916: Bugzilla 2.19.3 through 2.20 does not properly handle // sequences in URLs when redirecting a user from the login form, which could cause it to generate a partial URL in a form action that causes the user's browser to send the form data to another domain.
  • SA18979: Bugzilla Multiple Vulnerabilities
  • VUPEN/ADV-2006-0692: Bugzilla Multiple SQL Injection and Cross Site Scripting Vulnerabilities
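The CVE entry above describes the root cause: a value taken from the request URL was placed into the login form's action attribute without checking that it still pointed at the local site, so a path beginning with // was interpreted by the browser as a scheme-relative URL on another host. The following is an added example, written here in Python rather than Bugzilla's Perl, of the same-origin validation a defender would apply to such a value before it is echoed back into HTML. It is not Bugzilla's own fix; the fallback path /index.cgi, the helper names and the sample inputs are assumptions for the demonstration.

```python
"""Same-origin validation of a redirect target before it is used as a form action.

Added example (Python, not Bugzilla's Perl code and not its actual patch).
It shows the class of check that defeats the scheme-relative ("//host")
form the advisory describes. The fallback path and sample inputs are
assumed/constructed for illustration.
"""
import html
from urllib.parse import urlsplit

DEFAULT_ACTION = "/index.cgi"  # assumed safe fallback on the local origin


def safe_form_action(requested: str, default: str = DEFAULT_ACTION) -> str:
    """Return a same-origin absolute path derived from *requested*, or *default*.

    Anything a browser could resolve to a different origin is rejected:
    absolute URLs, scheme-relative "//host" forms (including "///host" and
    backslash variants, which browsers normalise to slashes), relative
    paths and path traversal.
    """
    if not requested:
        return default
    # Browsers drop tabs/newlines and treat "\" as "/" before resolving,
    # so normalise the same way before deciding whether the value is safe.
    candidate = "".join(ch for ch in requested if ch not in "\t\r\n").strip()
    candidate = candidate.replace("\\", "/")

    parts = urlsplit(candidate)
    if parts.scheme or parts.netloc:
        return default  # http://host/..., javascript:..., //host/...
    if not candidate.startswith("/") or candidate.startswith("//"):
        return default  # relative path, or ///host (urlsplit leaves it as a path)

    # Collapse empty and "." segments; refuse traversal outright.
    segments = [s for s in parts.path.split("/") if s not in ("", ".")]
    if ".." in segments:
        return default
    path = "/" + "/".join(segments)
    return path + (f"?{parts.query}" if parts.query else "")


def form_action_attribute(requested: str) -> str:
    """Render the validated target as an HTML attribute, escaped for attribute context."""
    return f'action="{html.escape(safe_form_action(requested), quote=True)}"'


if __name__ == "__main__":
    # Constructed inputs: values a crafted URL could feed back into the login
    # form, alongside a legitimate same-site target.
    for sample in [
        "/show_bug.cgi?id=325079",
        "//third-party.example/collect",
        "///third-party.example/collect",
        "/\\third-party.example/collect",
        "http://third-party.example/collect",
        "show_bug.cgi",
    ]:
        print(f"{sample!r:40} -> {form_action_attribute(sample)}")
```

The normalisation step matters more than the string comparison: checking only for a literal "//" prefix misses the backslash and embedded-tab variants that browsers fold into slashes before resolving, so the check mirrors what the browser will do and then rejects anything with a scheme or authority component.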

Reported:

Feb 20, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.

For corrections or additions please email xforce@iss.net
