LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

LWN.net Weekly Edition for February 2, 2012

A tempest in a toybox

LWN.net Weekly Edition for January 26, 2012

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

bugzilla: multiple vulnerabilities

Package(s):bugzilla CVE #(s):
Created:November 5, 2003 Updated:November 5, 2003
Description: Several new vulnerabilities have been found in bugzilla; these include a pair of SQL injection bugs (usually only exploitable by privileged users) and some information leaks. See this advisory for details; upgrading to versions 2.16.4 or 2.17.5 fixes the problems.
Alerts:
Conectiva CLA-2003:774 2003-11-05
(Log in to post comments)

bugzilla: multiple vulnerabilities

Posted Nov 6, 2003 13:21 UTC (Thu) by gerv (subscriber, #3376) [Link]

(usually only exploitable by privileged users)

That's an incorrect paraphrasing of the advisory, which says: "exploitable only by a privileged user". You need privileges to exploit these two problems.

Gerv

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds