Closed Bug 741079 Opened 10 years ago Closed 10 years ago
Security advisory for Bugzilla 4.2.1, 4.0.6 and 3.6.9
We have one security bug ready for checkin: bug 728639, affecting all active branches.
Assignee: website → dkl
Status: NEW → ASSIGNED
Attachment #614481 - Flags: review?(LpSolit)
Comment on attachment 614481 [details] 3.6.8 sec adv (v1)

>* When abusing X-FORWARDED-FOR header, an attacker could bypass
> lockout policy allowing a possible brute-force discovery of a
> valid user password.

Maybe it's just me, but shouldn't you add "the" before "X-FORWARDED-FOR header" and "lockout policy"?

>Versions: 3.6.8, 4.0.5, 4.2

All versions since 3.5.3 are vulnerable, so it must be: 3.5.3 to 3.6.8, 3.7.1 to 4.0.5, 4.1.1 to 4.2.

>Description: Due to a lack of proper validation of the X-FORWARDED-FOR
> header of an authentication request, an attacker could bypass
> the current lockout policy used for protection against and
> brute-force password discovery or possible denial of service
> attack.

I don't understand "against" in this sentence. Also, don't mention DoS as it's not true. Also, mention that this vulnerability can only be exploited if the 'inbound_proxies' parameter is set.

>David Lawrence
>Byron Jones
>Frédéric Buclin

The credits list contains the following people, in this order: assignee, reviewer, reporter. So we have:

Frédéric Buclin
Byron Jones
Soroush Dalili
Attachment #614481 - Flags: review?(LpSolit) → review-
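To illustrate the condition LpSolit asks to have documented (the header only matters when a trusted inbound proxy is configured), here is an added example, not Bugzilla's own code: a lockout counter that honours X-Forwarded-For only from a peer listed in an assumed inbound_proxies set. The proxy address, the lockout threshold and the attempt list are constructed for the demonstration.

```python
import ipaddress

# Constructed values, not taken from the advisory: the proxies whose
# X-Forwarded-For header may be trusted, and the lockout threshold.
INBOUND_PROXIES = {"10.0.0.5"}
MAX_FAILED_LOGINS = 5


def client_ip(peer_ip, x_forwarded_for, inbound_proxies=INBOUND_PROXIES):
    """Return the address the lockout policy should be keyed on.

    Only a connection arriving from a configured inbound proxy may carry a
    meaningful X-Forwarded-For. Even then, use the right-most entry (the one
    appended by our own proxy) and require it to parse as an IP address.
    """
    if peer_ip not in inbound_proxies or not x_forwarded_for:
        return peer_ip
    candidate = x_forwarded_for.split(",")[-1].strip()
    try:
        return str(ipaddress.ip_address(candidate))
    except ValueError:
        # Malformed header from a trusted proxy: fall back to the peer
        # address rather than keying lockout on arbitrary attacker text.
        return peer_ip


class LockoutPolicy:
    """Counts failed logins per resolved client address."""

    def __init__(self, limit=MAX_FAILED_LOGINS):
        self.limit = limit
        self.failures = {}

    def record_failure(self, ip):
        self.failures[ip] = self.failures.get(ip, 0) + 1

    def is_locked(self, ip):
        return self.failures.get(ip, 0) >= self.limit


def simulate(requests, limit=MAX_FAILED_LOGINS):
    """requests: (peer_ip, x_forwarded_for) pairs, each a failed login.
    Returns the set of client addresses that ended up locked out."""
    policy = LockoutPolicy(limit)
    for peer, xff in requests:
        ip = client_ip(peer, xff)
        if not policy.is_locked(ip):
            policy.record_failure(ip)
    return {ip for ip in policy.failures if policy.is_locked(ip)}


# Constructed attempts: a direct (non-proxy) peer rotating the header value.
ATTEMPTS = [("203.0.113.7", f"198.51.100.{i}") for i in range(6)]
```

Because 203.0.113.7 is not a configured inbound proxy, every rotated header value is ignored and all six failures count against the real peer, which is locked out.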
Thanks for the review. Grammar errors fixed as well as other changes. dkl
Comment on attachment 614673 [details] 3.6.8 sec adv (v2)

> header of an authentication request, an attacker could bypass
> the current lockout policy used for protection against brute-
>The fix for this issue is included in the 3.6.9, 4.0.6 and 4.2.1 releases.

This is fine, but these 3 lines are longer than 72 characters. This can be fixed when sending the sec adv by email. r=LpSolit
Added additional security issue fixed.
Attachment #615979 - Flags: review?(LpSolit) → review-
Comment on attachment 616180 [details] 3.6.8 sec advisory (v4)

>releases. Upgrading to a release with the relevant fixes will protect your
>installation from possible exploits of this issue.

s/this issue/these issues/. This can be fixed before sending the sec adv by email. r=LpSolit
Attachment #616180 - Flags: review?(LpSolit) → review+
Security Advisory sent.
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED