drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Mantis
Name: |
Mehrere Probleme in Mantis |
|
ID: |
200812-07 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Di, 2. Dezember 2008, 19:14 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4688
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4689 |
|
Applikationen: |
Mantis Bug Tracker |
|
Originalnachricht |
--nextPart1948993.7ODo5jXD8t Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200812-07 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High Title: Mantis: Multiple vulnerabilities Date: December 02, 2008 Bugs: #238570, #241940, #242722 ID: 200812-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabilities have been discovered in Mantis, the most severe of which leading to the remote execution of arbitrary code.
Background ==========
Mantis is a PHP/MySQL/Web based bugtracking system.
Affected packages =================
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-apps/mantisbt < 1.1.4-r1 >= 1.1.4-r1
Description ===========
Multiple issues have been reported in Mantis:
* EgiX reported that manage_proj_page.php does not correctly sanitize the sort parameter before passing it to create_function() in core/utility_api.php (CVE-2008-4687).
* Privileges of viewers are not sufficiently checked before composing a link with issue data in the source anchor (CVE-2008-4688).
* Mantis does not unset the session cookie during logout (CVE-2008-4689).
* Mantis does not set the secure flag for the session cookie in an HTTPS session (CVE-2008-3102).
Impact ======
Remote unauthenticated attackers could exploit these vulnerabilities to execute arbitrary PHP commands, disclose sensitive issue data, or hijack a user's sessions.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All Mantis users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-apps/mantisbt-1.1.4-r1"
References ==========
[ 1 ] CVE-2008-3102 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3102 [ 2 ] CVE-2008-4687 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4687 [ 3 ] CVE-2008-4688 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4688 [ 4 ] CVE-2008-4689 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4689
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200812-07.xml
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License =======
Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--nextPart1948993.7ODo5jXD8t Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux)
iQIcBAABAgAGBQJJNXZ7AAoJECaaHo/OfoM57oUP/A7WNiOsn45ZuAFczt14qAUy pNjuj1OZEr0YCSTdtF8dkc/eICUDEoZHYmIJFwF8JqTfznkdfKWr0qw14DVBoUyu 1rk/Ao2pbavHiS9IaiYDXimKeo/X20F2M8ey1LtK7sotyjoBaZTUk27HHVuglNol L8Jx7Kk9YITYQkHXcGidpRUXGFqDrxUz3pKQpBfyZ3mYRW46TWK2byhGXlN8Cka+ CJDbQ0FzxiLHFXbPj+cfDheWmNaKvzORjLguCIHOL00psXyHEAV3+MRG9OZbbwRN uME3uNJGt3SeECu5QReMEGqbfHdfp+8TZO6J4gBlMtvxYxjmMCVvANum2WVCzutn hRQoihg9QI3BTLJzrwuwKTlwMfICIXKrF18AzaZl9e6wofHkfZp0rbRBZlun82Oz Y0+dI2mxYqQrwbonO12N/jR/MHfN9Nt6YE+0qYF2l74uKxGGVDHo/q5AnVGCSs7K nTo9O7u3GZXhkuvHL+pYyk+b6qabGOPbfbSkTBcZrDNBxm+jZGV6Ukh+DctcEjEm NjGniQgw5jG4ifiQoiJomQnPYxIJD8hMp1At1OCQABoSni53KQbZoXaj//hBcKYZ W46ZBom165q7KKyaHdJsfz1uegwPLb2bg9wNPkcWjzZhYUuKyiwajzm1mYhvKW0B LU2rIlgwjxOKTUehRvdk =C5uk -----END PGP SIGNATURE-----
--nextPart1948993.7ODo5jXD8t--
|
|
|
|