CVE-2005-3138

Publication date 5 October 2005

Last updated 17 July 2025


Ubuntu priority

Bugzilla 2.18rc1 through 2.18.3, 2.19 through 2.20rc2, and 2.21 allows remote attackers to obtain sensitive information such as the list of installed products via the config.cgi file, which is accessible even when the requirelogin parameter is set.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
bugzilla 7.10 gutsy
Not affected
7.04 feisty
Not affected
6.10 edgy
Not affected
6.06 LTS dapper
Not affected