Executive Summary
Summary | |
---|---|
Title | MantisBT: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-201211-01 | First vendor Publication | 2012-11-08 |
Vendor | Gentoo | Last vendor Modification | 2012-11-08 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities have been found in MantisBT, the worst of which allowing for local file inclusion. Background Description Impact Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-201211-01.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201211-01.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
37 % | CWE-264 | Permissions, Privileges, and Access Controls |
37 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
11 % | CWE-200 | Information Exposure |
11 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
5 % | CWE-287 | Improper Authentication |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15100 | |||
Oval ID: | oval:org.mitre.oval:def:15100 | ||
Title: | DSA-2308-1 mantis -- several | ||
Description: | Several vulnerabilities were found in Mantis, a web-based bug tracking system: Insufficient input validation could result in local file inclusion and cross-site scripting. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2308-1 CVE-2011-3357 CVE-2011-3358 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | mantis |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19825 | |||
Oval ID: | oval:org.mitre.oval:def:19825 | ||
Title: | DSA-2500-1 mantis - several | ||
Description: | Several vulnerabilities were discovered in Mantis, an issue tracking system. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2500-1 CVE-2012-1118 CVE-2012-1119 CVE-2012-1120 CVE-2012-1122 CVE-2012-1123 CVE-2012-2692 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | mantis |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-11-26 | Name : Fedora Update for mantis FEDORA-2012-18299 File : nvt/gb_fedora_2012_18299_mantis_fc16.nasl |
2012-11-26 | Name : Fedora Update for mantis FEDORA-2012-18294 File : nvt/gb_fedora_2012_18294_mantis_fc17.nasl |
2012-11-16 | Name : Gentoo Security Advisory GLSA 201211-01 (MantisBT) File : nvt/glsa_201211_01.nasl |
2012-08-10 | Name : Debian Security Advisory DSA 2500-1 (mantis) File : nvt/deb_2500_1.nasl |
2012-08-10 | Name : FreeBSD Ports: mantis File : nvt/freebsd_mantis6.nasl |
2012-03-19 | Name : Fedora Update for mantis FEDORA-2011-12336 File : nvt/gb_fedora_2011_12336_mantis_fc16.nasl |
2011-09-30 | Name : MantisBT Multiple Local File Include and Cross Site Scripting Vulnerabilities File : nvt/secpod_mantis_mult_lfi_n_xss_vuln.nasl |
2011-09-21 | Name : Debian Security Advisory DSA 2308-1 (mantis) File : nvt/deb_2308_1.nasl |
2011-09-21 | Name : FreeBSD Ports: mantis File : nvt/freebsd_mantis5.nasl |
2011-09-20 | Name : Fedora Update for mantis FEDORA-2011-12369 File : nvt/gb_fedora_2011_12369_mantis_fc15.nasl |
2011-08-19 | Name : MantisBT Cross Site Scripting and SQL Injection Vulnerabilities File : nvt/gb_mantis_49235.nasl |
2011-01-08 | Name : MantisBT Multiple Vulnerabilities File : nvt/gb_mantisbt_mult_vuln.nasl |
2011-01-04 | Name : Fedora Update for mantis FEDORA-2010-19070 File : nvt/gb_fedora_2010_19070_mantis_fc13.nasl |
2011-01-04 | Name : Fedora Update for mantis FEDORA-2010-19078 File : nvt/gb_fedora_2010_19078_mantis_fc14.nasl |
2010-12-02 | Name : Fedora Update for mantis FEDORA-2010-15061 File : nvt/gb_fedora_2010_15061_mantis_fc14.nasl |
2010-10-08 | Name : MantisBT Multiple Cross-site scripting Vulnerabilities File : nvt/gb_mantis_mult_xss_vuln.nasl |
2010-10-01 | Name : Fedora Update for mantis FEDORA-2010-15082 File : nvt/gb_fedora_2010_15082_mantis_fc13.nasl |
2010-10-01 | Name : Fedora Update for mantis FEDORA-2010-15080 File : nvt/gb_fedora_2010_15080_mantis_fc12.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
75829 | MantisBT Multiple Script Direct Request Path Disclosure |
75646 | MantisBT bugs/plugin.php URI XSS MantisBT contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input appended to the URL upon submission to the 'bugs/plugin.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
75296 | MantisBT bug_actiongroup_page.php action Parameter XSS MantisBT contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'action' parameter upon submission to the bug_actiongroup_page.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
75295 | MantisBT bug_actiongroup_ext_page.php action Parameter XSS MantisBT contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'action' parameter upon submission to the bug_actiongroup_ext_page.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
75131 | MantisBT bug_update_advanced_page.php Multiple Parameter XSS MantisBT contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'os', 'os_build' and 'platform' parameters upon submission to the bug_update_advanced_page.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
75130 | MantisBT manage_config_workflow_page.php URI XSS MantisBT contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input appended to the URL upon submission to the manage_config_workflow_page.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
75129 | MantisBT manage_config_email_page.php URI XSS MantisBT contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input appended to the URL upon submission to the manage_config_email_page.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
75128 | MantisBT bug_actiongroup_page.php action Parameter Traversal Local File Inclu... MantisBT contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the bug_actiongroup_page.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'action' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
75127 | MantisBT bug_actiongroup_ext_page.php action Parameter Traversal Local File I... MantisBT contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the bug_actiongroup_ext_page.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'action' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
75126 | MantisBT bug_report_page.php Multiple Parameter XSS MantisBT contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'os', 'os_build' and 'platform' parameters upon submission to the bug_report_page.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
74566 | MantisBT search.php project_id Parameter XSS MantisBT contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'project_id' parameter upon submission to the search.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
70157 | MantisBT admin/upgrade_unattended.php db_type Parameter Traversal Local File ... MantisBT contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the admin/upgrade_unattended.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'db_type' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
70156 | MantisBT admin/upgrade_unattended.php db_type Parameter Path Disclosure MantisBT contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker supplies an invalid 'db_type' parameter to the admin/upgrade_unattended.php script, which discloses the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. |
70155 | MantisBT admin/upgrade_unattended.php db_type Parameter XSS [MantisBT contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'db_type' parameter upon submission to the admin/upgrade_unattended.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
68391 | MantisBT core/summary_api.php Summary Field XSS |
68390 | MantisBT print_all_bug_page_word.php Project / Category Name XSS |
68389 | MantisBT core/cfdefs/cfdef_standard.php Custom Field Value XSS |
68388 | MantisBT manage_plugin_uninstall.php Plugin Name XSS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18273.nasl - Type : ACT_GATHER_INFO |
2012-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18294.nasl - Type : ACT_GATHER_INFO |
2012-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18299.nasl - Type : ACT_GATHER_INFO |
2012-11-09 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201211-01.nasl - Type : ACT_GATHER_INFO |
2012-06-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2500.nasl - Type : ACT_GATHER_INFO |
2012-06-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_55587adbb49d11e18df10004aca374af.nasl - Type : ACT_GATHER_INFO |
2011-10-03 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12336.nasl - Type : ACT_GATHER_INFO |
2011-09-19 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12369.nasl - Type : ACT_GATHER_INFO |
2011-09-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2308.nasl - Type : ACT_GATHER_INFO |
2011-09-06 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a83f25dfd77511e08bf1003067b2972c.nasl - Type : ACT_GATHER_INFO |
2011-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2010-19070.nasl - Type : ACT_GATHER_INFO |
2011-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2010-19078.nasl - Type : ACT_GATHER_INFO |
2010-12-22 | Name : The remote web server contains a web application that is susceptible to a loc... File : mantis_db_type_lfi.nasl - Type : ACT_ATTACK |
2010-10-06 | Name : The remote Fedora host is missing a security update. File : fedora_2010-15061.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote Fedora host is missing a security update. File : fedora_2010-15080.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote Fedora host is missing a security update. File : fedora_2010-15082.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:37:38 |
|
2012-11-08 21:18:54 |
|