Vulnerabilities > CVE-2001-1405 - Denial-Of-Service vulnerability in Bugzilla

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
local
low complexity
mozilla

Summary

Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, which allows local users to cause a denial of service (CPU consumption) via a flood of requests to sanitycheck.cgi.

Redhat

advisories
rhsa
idRHSA-2001:107