ID CVE-2011-2979
Summary Bugzilla 4.1.x before 4.1.3 generates different responses for certain assignee queries depending on whether the group name is valid, which allows remote attackers to determine the existence of private group names via a custom search. NOTE: this vulnerability exists because of a CVE-2010-2756 regression.
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:bugzilla:4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:bugzilla:4.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:bugzilla:4.1.2:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 29-08-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 49042
confirm
debian DSA-2322
osvdb
  • 74298
  • 74299
secunia 45501
xf bugzilla-queries-info-disclosure(69166)
Last major update 29-08-2017 - 01:29
Published 09-08-2011 - 19:55
Last modified 29-08-2017 - 01:29