Bugzilla LDAP injection and template leakage Vulnerability

Release date:
Updated on: 2012-09-04

Affected Systems:
Bugzilla 4.x
Bugzilla 3.x
Bugzilla 2.x
Description:
--------------------------------------------------------------------------------
Cve id: CVE-2012-3981

Bugzilla is an open-source defect tracking system that manages the entire lifecycle of defects in software development, such as submitting, repairing, and disabling defects.

A security vulnerability exists in Bugzilla, which allows malicious users to disclose sensitive information or operate certain data.

1) some input passed through the user name are not properly escaped, which is used in LDAP queries and can be exploited to inject LDAP statements.

This vulnerability is available in versions 2.12-3.6.10, 3.7.1-4.0.7, 4.1.1-4.2.2, and 4.3.1-4.3.2.

2) the application does not restrict Directory Access extensions, and the template source code may be leaked.

This vulnerability is available in versions 2.23.2-3.6.10, 3.7.1-4.0.7, 4.1.1-4.2.2, and 4.3.1-4.3.2.

<* Source: Fr é d é ric Buclin (LpSolit@gmail.com)

Link: http://secunia.com/advisories/50433/
Http://www.bugzilla.org/security/3.6.10/
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Bugzilla
--------
For this reason, Bugzilla has released a Security Bulletin (3.6.10) and corresponding patches:

3.6.10: 4.3.2, 4.2.2, 4.0.7, and 3.6.10 Security Advisory

Link: http://www.bugzilla.org/security/3.6.10/