Joined: 12 May 2004
Posted: Sun Sep 21, 2008 6:26 pm Post subject: [ GLSA 200809-10 ] Mantis: Multiple vulnerabilities
Gentoo Linux Security Advisory
Title: Mantis: Multiple vulnerabilities (GLSA 200809-10)
Date: September 21, 2008
Updated: November 26, 2008
Bug(s): #222649, #233336
Multiple vulnerabilities have been reported in Mantis.
Mantis is a PHP/MySQL/Web based bugtracking system.
Vulnerable: < 1.1.2
Unaffected: >= 1.1.2
Architectures: All supported architectures
Antonio Parata and Francesco Ongaro reported a Cross-Site Request Forgery vulnerability in manage_user_create.php (CVE-2008-2276), a Cross-Site Scripting vulnerability in return_dynamic_filters.php (CVE-2008-3331), and insufficient input validation in adm_config_set.php (CVE-2008-3332). A directory traversal vulnerability in core/lang_api.php (CVE-2008-3333) has also been reported.
A remote attacker could exploit these vulnerabilities to execute arbitrary HTML and script code, create arbitrary users with administrative privileges, execute arbitrary PHP commands, and include arbitrary files.
There is no known workaround at this time.
All Mantis users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/mantisbt-1.1.2"
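The advisory gives the affected range only as a version boundary (vulnerable: < 1.1.2, unaffected: >= 1.1.2). The script below is an added example, not part of the GLSA or of Gentoo's tooling: it compares an installed Mantis version string against that boundary so an administrator can tell whether a host still needs the upgrade. The version strings it checks are constructed samples; the function and variable names are my own, and the comment about reading the installed version with qlist is an assumption about a host that has portage-utils installed.

```shell
#!/bin/sh
# Added example (not part of the GLSA): classify a Mantis version string
# against the advisory's affected range (vulnerable: < 1.1.2, unaffected: >= 1.1.2).
# Versions are compared numerically, component by component; a Gentoo
# revision suffix such as "-r1" is ignored, since the boundary has none.

# cmp_versions A B -> prints -1, 0 or 1 as A is <, = or > B
cmp_versions() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        sub(/-r[0-9]+$/, "", a); sub(/-r[0-9]+$/, "", b)
        na = split(a, pa, "."); nb = split(b, pb, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            x = (i <= na) ? pa[i] + 0 : 0   # missing components count as 0
            y = (i <= nb) ? pb[i] + 0 : 0
            if (x < y) { print "-1"; exit }
            if (x > y) { print "1"; exit }
        }
        print "0"
    }'
}

# mantis_vulnerable VERSION -> exit status 0 if VERSION lies in the affected range (< 1.1.2)
mantis_vulnerable() {
    [ "$(cmp_versions "$1" 1.1.2)" -lt 0 ]
}

# mantis_status VERSION -> prints "vulnerable" or "unaffected"
mantis_status() {
    if mantis_vulnerable "$1"; then echo vulnerable; else echo unaffected; fi
}

# Constructed sample versions (not read from any real system), one per line.
SAMPLE_VERSIONS="1.0.8
1.1.1-r1
1.1.2
1.1.8
1.2.0"

# On a Gentoo host with portage-utils, the installed version could instead be
# taken from `qlist -I -v www-apps/mantisbt` (assumption, not part of the GLSA).
for v in $SAMPLE_VERSIONS; do
    printf '%s: %s\n' "$v" "$(mantis_status "$v")"
done
```

The numeric comparison matters because a plain string comparison would rank 1.1.10 below 1.1.2; the revision suffix is stripped because the advisory's boundary is an upstream version, and a Gentoo -rN rebuild of 1.1.1 is still the vulnerable 1.1.1.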
Last edited by GLSA on Thu Nov 27, 2008 4:19 am; edited 1 time in total