VID | 21756
Severity | 40
Port | 80, ...
Protocol | TCP
Class | CGI
Detailed Description | The Mantis program is vulnerable to remote and local file inclusion. Mantis is a freely available PHP-based bug tracking system that uses a MySQL backend database. Mantis versions 0.19.2 and 1.0.0rc2 could allow a remote attacker to read arbitrary files on the affected host, or to execute arbitrary PHP script code in the security context of the Web server process, when the register_globals option is enabled. In addition, the installed version may be prone to SQL injection, cross-site scripting, and information disclosure attacks.
* References:
  - http://secunia.com/secunia_research/2005-46/advisory/
  - http://sourceforge.net/mailarchive/forum.php?thread_id=8517463&forum_id=7369
* Platforms Affected: Mantis versions 0.19.2 and 1.0.0rc2; any operating system; any version
Recommendation | Upgrade to the latest version of Mantis (0.19.3 or later), available from the Mantis Web site at http://www.mantisbt.org/
Related URL (CVE) |
Related URL (SecurityFocus) | 15210, 15212
Related URL (ISS) |