CVE-2001-0330 Information

Description

Bugzilla 2.10 allows remote attackers to access sensitive information including the database username and password via an HTTP request for the globals.pl file which is normally returned by the web server without being executed.

Reference

http://www.atstake.com/research/advisories/2001/a043001-1.txt http://www.securityfocus.com/bid/2671 https://exchange.xforce.ibmcloud.com/vulnerabilities/6489