Vulnerabilities > CVE-2001-1405 - Denial-Of-Service vulnerability in Bugzilla

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

local

low complexity

mozilla

NVD

Published: 2001-09-10

Updated: 2016-10-18

Summary

Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, which allows local users to cause a denial of service (CPU consumption) via a flood of requests to sanitycheck.cgi.

Vulnerable Configurations

Part	Description	Count
Application	Mozilla Mozilla Bugzilla 2.4 Mozilla Bugzilla 2.6 Mozilla Bugzilla 2.8 Mozilla Bugzilla 2.10 Mozilla Bugzilla 2.12 Mozilla Bugzilla 2.14	6

Redhat

advisories

rhsa

id	RHSA-2001:107

References

http://bugzilla.mozilla.org/show_bug.cgi?id=54556
http://marc.info/?l=bugtraq&m=99912899900567
http://www.redhat.com/support/errata/RHSA-2001-107.html