Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Gentoo: GLSA-200512-12 Normal: Mantis Multiple Security Issues

gentoo
Calendar Grey December 22, 2005
Scroller Gentoo
Mantis bug tracker in Gentoo has been exposed to several vulnerabilities, such as SQL injection, unauthorized file uploads, and additional concerns. Immediate upgrade is advised.
Mantis is affected by multiple vulnerabilities ranging from file upload and SQL injection to cross-site scripting and HTTP response splitting.

Summary

Gentoo Linux Security Advisory GLSA 200512-12 https://security.gentoo.org/ Severity: Normal Title: Mantis: Multiple vulnerabilities Date: December 22, 2005 Bugs: #116036 ID: 200512-12

Synopsis ======= Mantis is affected by multiple vulnerabilities ranging from file upload and SQL injection to cross-site scripting and HTTP response splitting.
Background ========= Mantis is a web-based bugtracking system written in PHP.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-apps/mantisbt < 0.19.4 >= 0.19.4
========== Tobias Klein discovered that Mantis contains several vulnerabilities, including:
* a file upload vulnerability.
* an injection vulnerability...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround