Name | CVE-2005-1565 |
Description | Bugzilla 2.17.1 through 2.18, 2.19.1, and 2.19.2, when a user is prompted to log in while attempting to view a chart, displays the password in the URL, which may allow local users to gain sensitive information from web logs or browser history. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
Debian Bugs | 308789 |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
bugzilla | source | woody | (not affected) | |||
bugzilla | source | sarge | (not affected) | |||
bugzilla | source | (unstable) | 2.18-7 | medium | 308789 |
[woody] - bugzilla <not-affected> (Only Bugzilla >= 2.17 is affected)
[sarge] - bugzilla <not-affected> (Only Bugzilla >= 2.17 is affected)