PT-2001-1555 · Mozilla · Bugzilla

Published: 2001-06-27 · Updated: 2017-10-10 · CVE-2001-0330

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Bugzilla version 2.10

Description

The issue allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the 'globals.pl' file. This file is normally returned by the web server without being executed, thus exposing the sensitive data.

Recommendations

For Bugzilla version 2.10, consider restricting access to the 'globals.pl' file to prevent unauthorized disclosure of sensitive information. As a temporary workaround, ensure that the web server is configured to execute the 'globals.pl' file instead of returning it, or remove the file from publicly accessible directories until a proper fix is applied.
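
One way to check the workaround above, as an added example that is not part of the original advisory: a heuristic classifier for captured HTTP responses to a request for 'globals.pl' on your own Bugzilla 2.10 host, telling apart a blocked request, raw Perl source being returned, and anything else. The marker patterns, function names and sample responses are assumptions constructed for illustration.

```python
import re

# Heuristic signs of raw Perl source in a response body (assumed patterns,
# not taken from Bugzilla's own code).
PERL_MARKERS = [
    re.compile(r"^#!.*\bperl\b", re.M),                      # shebang line
    re.compile(r"^\s*use\s+(?:strict|vars|DBI)\b", re.M),    # pragma/module import
    re.compile(r"^\s*sub\s+\w+\s*\{", re.M),                 # subroutine definition
    re.compile(r"^\s*(?:my|our|local)?\s*[$@%][\w:]+\s*=", re.M),  # variable assignment
]
# Assignment to a variable whose name suggests a password.
CREDENTIAL = re.compile(r"[$][\w:]*(?:pass|pwd)\w*\s*=\s*[\"']", re.I)


def classify_response(status, body):
    """Classify one response to a request for globals.pl.

    Returns 'blocked', 'source-disclosed' or 'not-disclosed'.
    """
    if status in (401, 403, 404):
        return "blocked"          # access restricted or file moved out of the web root
    hits = sum(1 for marker in PERL_MARKERS if marker.search(body))
    if status == 200 and hits >= 2:
        return "source-disclosed"  # server returned the file instead of executing it
    return "not-disclosed"


def exposes_credentials(status, body):
    """True when disclosed source also contains a password-like assignment."""
    return classify_response(status, body) == "source-disclosed" and bool(CREDENTIAL.search(body))


# Constructed sample responses (placeholder names and values, not real Bugzilla content).
SAMPLE_EXPOSED = (200, '#!/usr/bin/perl -w\nuse strict;\n$db_user = "EXAMPLE_USER";\n'
                       '$db_pass = "EXAMPLE_PASSWORD";\nsub connect_db {\n}\n')
SAMPLE_BLOCKED = (403, "<html><body>Forbidden</body></html>")
SAMPLE_EXECUTED = (200, "<html><body>Software error</body></html>")

if __name__ == "__main__":
    for name, (status, body) in [("exposed", SAMPLE_EXPOSED), ("blocked", SAMPLE_BLOCKED),
                                 ("executed", SAMPLE_EXECUTED)]:
        print(name, classify_response(status, body), exposes_credentials(status, body))
```

A 'source-disclosed' result after applying the workaround means the restriction is not in effect for that path; treat any credentials in the returned file as exposed and rotate them.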

Related identifiers

CVE-2001-0330

Affected products

Bugzilla