Описание
The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to impersonate other users without discovery.
The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to impersonate other users without discovery.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-2757
- https://bugzilla.mozilla.org/show_bug.cgi?id=450013
- https://bugzilla.redhat.com/show_bug.cgi?id=623423
- http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html
- http://secunia.com/advisories/40892
- http://secunia.com/advisories/41128
- http://www.bugzilla.org/security/3.2.7
- http://www.securityfocus.com/bid/42275
- http://www.vupen.com/english/advisories/2010/2035
- http://www.vupen.com/english/advisories/2010/2205
EPSS
CVE ID
Связанные уязвимости
The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to impersonate other users without discovery.
The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to impersonate other users without discovery.
The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4. ...
EPSS