| VID |
21352 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
According to its version number, the Mantis installation on the remote Web server has multiple vulnerabilities. Mantis is a freely available PHP-based bug tracking system that uses a MySQL backend database. Mantis versions 0.19.0a and earlier are affected by the following vulnerabilities:
- New Account Signup Mass E-mailing Vulnerability: A flaw in the signup process allows a remote attacker to flood a designated host with e-mails by subscribing the same e-mail address multiple times.
- PHP File Include Vulnerability: Improper filtering of the $t_core_path and $t_core_dir variables allows a remote attacker to execute code on the system.
* Note: This check relies solely on the version of Mantis on the remote Web server to assess this vulnerability, so the result might be a false positive.
* References: http://archives.neohapsis.com/archives/bugtraq/2004-08/0292.html
* Platforms Affected: Mantis version 0.19.0a and earlier; any operating system, any version |
| Recommendation |
Upgrade to the latest version of Mantis (0.19.0a2 or later), available from the Mantis web site at http://www.mantisbt.org/index.php |
| Related URL |
CVE-2004-1731 (CVE) |
| Related URL |
10993,10995 (SecurityFocus) |
| Related URL |
17093 (ISS) |
|