Executive Summary
Summary | |
---|---|
Title | mantis security update |
Informations | |||
---|---|---|---|
Name | DSA-2308 | First vendor Publication | 2011-09-12 |
Vendor | Debian | Last vendor Modification | 2011-09-12 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several vulnerabilities were found in Mantis, a web-based bug tracking system: Insufficient input validation could result in local file inclusion and cross-site scripting. For the oldstable distribution (lenny), this problem has been fixed in version 1.1.6+dfsg-2lenny6. For the stable distribution (squeeze), this problem has been fixed in version 1.1.8+dfsg-10squeeze1. For the unstable distribution (sid), this problem has been fixed in version 1.2.7-1. We recommend that you upgrade your mantis packages. |
Original Source
Url : http://www.debian.org/security/2011/dsa-2308 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
33 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15100 | |||
Oval ID: | oval:org.mitre.oval:def:15100 | ||
Title: | DSA-2308-1 mantis -- several | ||
Description: | Several vulnerabilities were found in Mantis, a web-based bug tracking system: Insufficient input validation could result in local file inclusion and cross-site scripting. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2308-1 CVE-2011-3357 CVE-2011-3358 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | mantis |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-11-16 | Name : Gentoo Security Advisory GLSA 201211-01 (MantisBT) File : nvt/glsa_201211_01.nasl |
2012-03-19 | Name : Fedora Update for mantis FEDORA-2011-12336 File : nvt/gb_fedora_2011_12336_mantis_fc16.nasl |
2011-09-30 | Name : MantisBT Multiple Local File Include and Cross Site Scripting Vulnerabilities File : nvt/secpod_mantis_mult_lfi_n_xss_vuln.nasl |
2011-09-21 | Name : Debian Security Advisory DSA 2308-1 (mantis) File : nvt/deb_2308_1.nasl |
2011-09-20 | Name : Fedora Update for mantis FEDORA-2011-12369 File : nvt/gb_fedora_2011_12369_mantis_fc15.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
75296 | MantisBT bug_actiongroup_page.php action Parameter XSS MantisBT contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'action' parameter upon submission to the bug_actiongroup_page.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
75295 | MantisBT bug_actiongroup_ext_page.php action Parameter XSS MantisBT contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'action' parameter upon submission to the bug_actiongroup_ext_page.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
75131 | MantisBT bug_update_advanced_page.php Multiple Parameter XSS MantisBT contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'os', 'os_build' and 'platform' parameters upon submission to the bug_update_advanced_page.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
75128 | MantisBT bug_actiongroup_page.php action Parameter Traversal Local File Inclu... MantisBT contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the bug_actiongroup_page.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'action' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
75127 | MantisBT bug_actiongroup_ext_page.php action Parameter Traversal Local File I... MantisBT contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the bug_actiongroup_ext_page.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'action' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
75126 | MantisBT bug_report_page.php Multiple Parameter XSS MantisBT contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'os', 'os_build' and 'platform' parameters upon submission to the bug_report_page.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-11-09 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201211-01.nasl - Type : ACT_GATHER_INFO |
2011-10-03 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12336.nasl - Type : ACT_GATHER_INFO |
2011-09-19 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12369.nasl - Type : ACT_GATHER_INFO |
2011-09-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2308.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:30:26 |
|