Detections
Analytics

Fedora 9 : bugzilla-3.2.2-2.fc9 (2009-2418)

high Nessus Plugin ID 35960

Synopsis

The remote Fedora host is missing a security update.

Description

- Thu Mar 5 2009 Itamar Reis Peixoto <itamar at ispbrasil.com.br> 3.2.2-2

 - fix from BZ #474250 Comment #16, from Chris Eveleigh
 -->

 - add python BR for contrib subpackage

 - fix description

 - change Requires perl-SOAP-Lite to perl(SOAP::Lite) according guidelines

 - Sun Mar 1 2009 Itamar Reis Peixoto <itamar at ispbrasil.com.br> 3.2.2-1

 - thanks to Chris Eveleigh <chris dot eveleigh at planningportal dot gov dot uk>

 - for contributing with patches :-)

 - Upgrade to upstream 3.2.2 to fix multiple security vulns

 - Removed old perl_requires exclusions, added new ones for RADIUS, Oracle and sanitycheck.cgi

 - Added Oracle to supported DBs in description (and moved line breaks)

 - Include a patch to fix max_allowed_packet warnin when using with mysql

 - Sat Feb 28 2009 Itamar Reis Peixoto <itamar at ispbrasil.com.br> 3.0.8-1

 - Upgrade to 3.0.8, fix #466077 #438080

 - fix macro in changelog rpmlint warning

 - fix files-attr-not-set rpmlint warning for doc and contrib sub-packages

 - Mon Feb 23 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.0.4-4

 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

 - Mon Feb 2 2009 Stepan Kasal <skasal at redhat.com> - 3.0.4-3

 - do not require perl-Email-Simple, it is (no longer) in use

 - remove several explicit perl-* requires; the automatic dependencies do handle them

 - Mon Jul 14 2008 Tom 'spot' Callaway <tcallawa at redhat.com> - 3.0.4-2

 - fix license tag

 - Fri May 9 2008 John Berninger <john at ncphotography dot com> - 3.0.4-1

 - Update to upstream 3.0.4 to fix multiple security vulns

 - Change perms on /etc/bugzilla for bz 427981

 - Sun May 4 2008 John Berninger <john at ncphotography dot com> - 3.0.3-0

 - Update to upstream 3.0.3 - bz 444669

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected bugzilla package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=465956

https://bugzilla.redhat.com/show_bug.cgi?id=484755

https://bugzilla.redhat.com/show_bug.cgi?id=484805

https://bugzilla.redhat.com/show_bug.cgi?id=484806

https://bugzilla.redhat.com/show_bug.cgi?id=484807

https://bugzilla.redhat.com/show_bug.cgi?id=484811

https://bugzilla.redhat.com/show_bug.cgi?id=484812

https://bugzilla.redhat.com/show_bug.cgi?id=484813

https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

http://www.nessus.org/u?580d7913

Plugin Details

Severity: High

ID: 35960

File Name: fedora_2009-2418.nasl

Version: 1.17

Type: local

Agent: unix

Published: 3/19/2009

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/o:fedoraproject:fedora:9, p-cpe:/a:fedoraproject:fedora:bugzilla

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/5/2009

Reference Information

CVE: CVE-2008-4437, CVE-2008-6098, CVE-2009-0481, CVE-2009-0482, CVE-2009-0483, CVE-2009-0484, CVE-2009-0485, CVE-2009-0486

BID: 30661, 32178

CWE: 22, 264, 352, 79

FEDORA: 2009-2418