Information Disclosure Vulnerability in reportbug by Debian
CVE-2005-0625

Currently unrated

Key Information:

Vendor: Debian
Status: Reportbug
Vendor: CVE Published:; 28 February 2005

Summary

The reportbug tool version 3.2 in Debian improperly includes configuration settings from the .reportbugrc file in its bug reports. This behavior can lead to the unintentional exposure of sensitive information, including SMTP credentials like smtpuser and smtppasswd. Hackers could exploit this vulnerability to collect sensitive data, increasing the risk of unauthorized access and data breaches.

References

https://bugzilla.ubuntu.com/show_bug.cgi?id=6600

x_refsource_MISC

https://bugzilla.ubuntu.com/show_bug.cgi?id=6717

x_refsource_CONFIRM

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=295407

x_refsource_MISC

Timeline

Vulnerability Reserved
Mar 2, 2005
Vulnerability published
Feb 28, 2005