Vulnerability CVE-2005-2173 - CERT Civis.Net

Vulnerability Name:

CVE-2005-2173 (CCN-21316)

Assigned:

2005-07-08

Published:

2005-07-08

Updated:

2008-09-05

Summary:

The Flag::validate and Flag::modify functions in Bugzilla 2.17.1 to 2.18.1 and 2.19.1 to 2.19.3 do not verify that the flag ID is appropriate for the given bug or attachment ID, which allows users to change flags on arbitrary bugs and obtain a bug summary via process_bug.cgi.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Data Manipulation

References:

Source: CCN
Type: BugTraq Mailing List, Fri Jul 08 2005 - 01:46:17 CDT
Security Advisory for Bugzilla 2.18.1 and 2.19.3

Source: MITRE
Type: CNA
CVE-2005-2173

Source: CCN
Type: SECTRACK ID: 1014428
Bugzilla Lets Remote Users Modify Flags and May Disclose Private Bug Summaries to Remote Users

Source: SECTRACK
Type: UNKNOWN
1014428

Source: CCN
Type: Bugzilla Web page
Bugzilla

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.bugzilla.org/security/2.18.1/

Source: CCN
Type: GLSA-200507-12
Bugzilla: Unauthorized access and information disclosure

Source: CCN
Type: OSVDB ID: 17800
Bugzilla process_bug.cgi Arbitrary Bug Flag Modification

Source: CCN
Type: BID-14198
Bugzilla Unauthorized Flag Change Access Validation Vulnerability

Source: CONFIRM
Type: Patch
https://bugzilla.mozilla.org/show_bug.cgi?id=293159

Source: XF
Type: UNKNOWN
bugzilla-flag-modification(21316)

Vulnerable Configuration:

Configuration 1:

cpe:/a:mozilla:bugzilla:2.17.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.17.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.17.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.17.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.17.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.17.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.18:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.18:rc1:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.18:rc2:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.18:rc3:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.18.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.19:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.19.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.19.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.19.3:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:mozilla:bugzilla:2.17.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.17.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.19.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.19.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.17.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.17.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.17.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.17.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.18:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.18.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.18:rc1:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.18:rc2:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.18:rc3:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.19:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:2.19.3:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

Denotes that component is vulnerable