Vulnerabilities > CVE-2002-0007 - Unspecified vulnerability in Mozilla Bugzilla

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

mozilla

NVD

Published: 2002-01-31

Updated: 2024-11-20

Summary

CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attackers to obtain an anonymous bind to the LDAP server via a request that does not include a password, which causes a null password to be sent to the LDAP server.

Vulnerable Configurations

Part	Description	Count
Application	Mozilla Mozilla Bugzilla - Mozilla Bugzilla 2.0 Mozilla Bugzilla 2.2 Mozilla Bugzilla 2.4 Mozilla Bugzilla 2.6 Mozilla Bugzilla 2.8 Mozilla Bugzilla 2.9 Mozilla Bugzilla 2.10 Mozilla Bugzilla 2.12 Mozilla Bugzilla 2.14 Mozilla Bugzilla 2.14.1	11

Redhat

advisories

rhsa

id	RHSA-2002:001

References

http://archives.neohapsis.com/archives/bugtraq/2002-01/0034.html
http://archives.neohapsis.com/archives/bugtraq/2002-01/0034.html
http://bugzilla.mozilla.org/show_bug.cgi?id=54901
http://bugzilla.mozilla.org/show_bug.cgi?id=54901
http://rhn.redhat.com/errata/RHSA-2002-001.html
http://rhn.redhat.com/errata/RHSA-2002-001.html
http://www.bugzilla.org/security2_14_1.html
http://www.bugzilla.org/security2_14_1.html
http://www.securityfocus.com/bid/3792
http://www.securityfocus.com/bid/3792
https://exchange.xforce.ibmcloud.com/vulnerabilities/7812
https://exchange.xforce.ibmcloud.com/vulnerabilities/7812