ID OPENVAS:860378 Type openvas Reporter Copyright (C) 2009 Greenbone Networks GmbH Modified 2017-07-10T00:00:00
Description
Check for the Version of mantis
###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for mantis FEDORA-2008-0353
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "Mantis is a web-based bugtracking system.
It is written in the PHP scripting language and requires the MySQL
database and a webserver. Mantis has been installed on Windows, MacOS,
OS/2, and a variety of Unix operating systems. Any web browser should
be able to function as a client.
Documentation can be found in: /usr/share/doc/mantis-1.1.0
When the package has finished installing, you will need to perform some
additional configuration steps; these are described in:
/usr/share/doc/mantis-1.1.0/README.Fedora";
tag_affected = "mantis on Fedora 8";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00309.html");
script_id(860378);
script_version("$Revision: 6623 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $");
script_tag(name:"creation_date", value:"2009-02-17 17:12:43 +0100 (Tue, 17 Feb 2009)");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_xref(name: "FEDORA", value: "2008-0353");
script_cve_id("CVE-2007-6611");
script_name( "Fedora Update for mantis FEDORA-2008-0353");
script_summary("Check for the Version of mantis");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "FC8")
{
if ((res = isrpmvuln(pkg:"mantis", rpm:"mantis~1.1.0~1.fc8", rls:"FC8")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"mantis-config-httpd", rpm:"mantis-config-httpd~1.1.0~1.fc8", rls:"FC8")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"mantis", rpm:"mantis~1.1.0~1.fc8", rls:"FC8")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"id": "OPENVAS:860378", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for mantis FEDORA-2008-0353", "description": "Check for the Version of mantis", "published": "2009-02-17T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=860378", "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "references": ["https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00309.html", "2008-0353"], "cvelist": ["CVE-2007-6611"], "lastseen": "2017-07-25T10:56:52", "viewCount": 0, "enchantments": {"score": {"value": 5.2, "vector": "NONE", "modified": "2017-07-25T10:56:52", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-0353", "CVE-2007-6611"]}, {"type": "nessus", "idList": ["FEDORA_2008-0353.NASL", "FEDORA_2008-0282.NASL", "GENTOO_GLSA-200803-04.NASL", "DEBIAN_DSA-1467.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:60211", "OPENVAS:860157", "OPENVAS:60507"]}, {"type": "osvdb", "idList": ["OSVDB:39873"]}, {"type": "gentoo", "idList": ["GLSA-200803-04"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1467-1:E6B75"]}], "modified": "2017-07-25T10:56:52", "rev": 2}, "vulnersScore": 5.2}, "pluginID": "860378", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mantis FEDORA-2008-0353\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mantis is a web-based bugtracking system.\n It is written in the PHP scripting language and requires the MySQL\n database and a webserver. Mantis has been installed on Windows, MacOS,\n OS/2, and a variety of Unix operating systems. Any web browser should\n be able to function as a client.\n\n Documentation can be found in: /usr/share/doc/mantis-1.1.0\n \n When the package has finished installing, you will need to perform some\n additional configuration steps; these are described in:\n /usr/share/doc/mantis-1.1.0/README.Fedora\";\n\ntag_affected = \"mantis on Fedora 8\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00309.html\");\n script_id(860378);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:12:43 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2008-0353\");\n script_cve_id(\"CVE-2007-6611\");\n script_name( \"Fedora Update for mantis FEDORA-2008-0353\");\n\n script_summary(\"Check for the Version of mantis\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"mantis\", rpm:\"mantis~1.1.0~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mantis-config-httpd\", rpm:\"mantis-config-httpd~1.1.0~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mantis\", rpm:\"mantis~1.1.0~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}
{"cve": [{"lastseen": "2021-02-02T05:31:28", "description": "Cross-site scripting (XSS) vulnerability in view.php in Mantis before 1.1.0 allows remote attackers to inject arbitrary web script or HTML via a filename, related to bug_report.php.", "edition": 6, "cvss3": {}, "published": "2008-01-03T22:46:00", "title": "CVE-2007-6611", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6611"], "modified": "2008-11-15T07:05:00", "cpe": ["cpe:/a:mantis:mantis:1.1.0a1"], "id": "CVE-2007-6611", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6611", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:mantis:mantis:1.1.0a1:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-25T10:57:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6611"], "description": "Check for the Version of mantis", "modified": "2017-07-10T00:00:00", "published": "2009-02-17T00:00:00", "id": "OPENVAS:860157", "href": "http://plugins.openvas.org/nasl.php?oid=860157", "type": "openvas", "title": "Fedora Update for mantis FEDORA-2008-0282", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mantis FEDORA-2008-0282\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mantis is a web-based bugtracking system.\n It is written in the PHP scripting language and requires the MySQL\n database and a webserver. Mantis has been installed on Windows, MacOS,\n OS/2, and a variety of Unix operating systems. Any web browser should\n be able to function as a client.\n\n Documentation can be found in: /usr/share/doc/mantis-1.1.0\n \n When the package has finished installing, you will need to perform some\n additional configuration steps; these are described in:\n /usr/share/doc/mantis-1.1.0/README.Fedora\";\n\ntag_affected = \"mantis on Fedora 7\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00227.html\");\n script_id(860157);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:12:43 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2008-0282\");\n script_cve_id(\"CVE-2007-6611\");\n script_name( \"Fedora Update for mantis FEDORA-2008-0282\");\n\n script_summary(\"Check for the Version of mantis\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"mantis\", rpm:\"mantis~1.1.0~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mantis-config-httpd\", rpm:\"mantis-config-httpd~1.1.0~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mantis\", rpm:\"mantis~1.1.0~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:49:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6611"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200803-04.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:60507", "href": "http://plugins.openvas.org/nasl.php?oid=60507", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200803-04 (mantis)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A persistent Cross-Site Scripting vulnerability has been discovered in\nMantis.\";\ntag_solution = \"All Mantis users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-apps/mantisbt-1.0.8-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200803-04\nhttp://bugs.gentoo.org/show_bug.cgi?id=203791\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200803-04.\";\n\n \n\nif(description)\n{\n script_id(60507);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-6611\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"Gentoo Security Advisory GLSA 200803-04 (mantis)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"www-apps/mantisbt\", unaffected: make_list(\"ge 1.0.8-r1\"), vulnerable: make_list(\"lt 1.0.8-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:50:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6611", "CVE-2006-6574"], "description": "The remote host is missing an update to mantis\nannounced via advisory DSA 1467-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-31T00:00:00", "id": "OPENVAS:60211", "href": "http://plugins.openvas.org/nasl.php?oid=60211", "type": "openvas", "title": "Debian Security Advisory DSA 1467-1 (mantis)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1467_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1467-1 (mantis)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in Mantis, a web based\nbug tracking system. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2006-6574\n\nCustom fields were not appropriately protected by per-item access\ncontrol, allowing for sensitive data to be published.\n\nCVE-2007-6611\n\nMultiple cross site scripting issues allowed a remote attacker to\ninsert malicious HTML or web script into Mantis web pages.\n\nThe stable distribution (etch) is not affected by these problems.\n\nFor the old stable distribution (sarge), these problems have been fixed in\nversion 0.19.2-5sarge5.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.8-4.\n\nWe recommend that you upgrade your mantis package.\";\ntag_summary = \"The remote host is missing an update to mantis\nannounced via advisory DSA 1467-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201467-1\";\n\n\nif(description)\n{\n script_id(60211);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-31 16:11:48 +0100 (Thu, 31 Jan 2008)\");\n script_cve_id(\"CVE-2006-6574\", \"CVE-2007-6611\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Debian Security Advisory DSA 1467-1 (mantis)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"mantis\", ver:\"0.19.2-5sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:35", "bulletinFamily": "software", "cvelist": ["CVE-2007-6611"], "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=562940\nVendor Specific News/Changelog Entry: http://www.mantisbt.org/bugs/view.php?id=8679\n[Secunia Advisory ID:28185](https://secuniaresearch.flexerasoftware.com/advisories/28185/)\n[Secunia Advisory ID:28352](https://secuniaresearch.flexerasoftware.com/advisories/28352/)\nOther Advisory URL: https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00227.html\n[CVE-2007-6611](https://vulners.com/cve/CVE-2007-6611)\nBugtraq ID: 27045\n", "edition": 1, "modified": "2007-12-19T00:00:00", "published": "2007-12-19T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:39873", "id": "OSVDB:39873", "title": "Mantis view.php Filename XSS", "type": "osvdb", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6611"], "description": "Mantis is a web-based bugtracking system. It is written in the PHP scripting language and requires the MySQL database and a webserver. Mantis has been installed on Windows, MacOS, OS/2, and a variety of Unix operating systems. Any web browser should be able to function as a client. Documentation can be found in: /usr/share/doc/mantis-1.1.0 When the package has finished installing, you will need to perform some additional configuration steps; these are described in: /usr/share/doc/mantis-1.1.0/README.Fedora ", "modified": "2008-01-07T01:20:36", "published": "2008-01-07T01:20:36", "id": "FEDORA:M071KBR9001648", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: mantis-1.1.0-1.fc7", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6611"], "description": "Mantis is a web-based bugtracking system. It is written in the PHP scripting language and requires the MySQL database and a webserver. Mantis has been installed on Windows, MacOS, OS/2, and a variety of Unix operating systems. Any web browser should be able to function as a client. Documentation can be found in: /usr/share/doc/mantis-1.1.0 When the package has finished installing, you will need to perform some additional configuration steps; these are described in: /usr/share/doc/mantis-1.1.0/README.Fedora ", "modified": "2008-01-07T01:29:56", "published": "2008-01-07T01:29:56", "id": "FEDORA:M071TGQK002766", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: mantis-1.1.0-1.fc8", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2021-01-07T10:52:19", "description": "The remote host is affected by the vulnerability described in GLSA-200803-04\n(Mantis: XSS)\n\n seiji reported that the filename for the uploaded file in\n bug_report.php is not properly sanitised before being stored.\n \nImpact :\n\n A remote attacker could upload a file with a specially crafted to a bug\n report, resulting in the execution of arbitrary HTML and script code\n within the context of the users's browser. Note that this vulnerability\n is only exploitable by authenticated users.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 25, "published": "2008-03-07T00:00:00", "title": "GLSA-200803-04 : Mantis: XSS", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6611"], "modified": "2008-03-07T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:mantisbt", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200803-04.NASL", "href": "https://www.tenable.com/plugins/nessus/31379", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200803-04.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31379);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-6611\");\n script_bugtraq_id(27045);\n script_xref(name:\"GLSA\", value:\"200803-04\");\n\n script_name(english:\"GLSA-200803-04 : Mantis: XSS\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200803-04\n(Mantis: XSS)\n\n seiji reported that the filename for the uploaded file in\n bug_report.php is not properly sanitised before being stored.\n \nImpact :\n\n A remote attacker could upload a file with a specially crafted to a bug\n report, resulting in the execution of arbitrary HTML and script code\n within the context of the users's browser. Note that this vulnerability\n is only exploitable by authenticated users.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200803-04\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Mantis users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-apps/mantisbt-1.0.8-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mantisbt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-apps/mantisbt\", unaffected:make_list(\"ge 1.0.8-r1\"), vulnerable:make_list(\"lt 1.0.8-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Mantis\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:06:17", "description": "Please note this is a major mantis release, and a upgrade to the DB\nschema is needed.\n\nPlease refer to the package documentation to complete the upgrade.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2008-01-07T00:00:00", "title": "Fedora 7 : mantis-1.1.0-1.fc7 (2008-0282)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6611"], "modified": "2008-01-07T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:7", "p-cpe:/a:fedoraproject:fedora:mantis-config-httpd", "p-cpe:/a:fedoraproject:fedora:mantis"], "id": "FEDORA_2008-0282.NASL", "href": "https://www.tenable.com/plugins/nessus/29862", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-0282.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29862);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-6611\");\n script_bugtraq_id(27045);\n script_xref(name:\"FEDORA\", value:\"2008-0282\");\n\n script_name(english:\"Fedora 7 : mantis-1.1.0-1.fc7 (2008-0282)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Please note this is a major mantis release, and a upgrade to the DB\nschema is needed.\n\nPlease refer to the package documentation to complete the upgrade.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=427277\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=427278\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-January/006580.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0de24e6d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mantis and / or mantis-config-httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mantis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mantis-config-httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"mantis-1.1.0-1.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"mantis-config-httpd-1.1.0-1.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mantis / mantis-config-httpd\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:06:17", "description": "Please note this is a major mantis release, and a upgrade to the DB\nschema is needed.\n\nPlease refer to the package documentation to complete the upgrade.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2008-01-07T00:00:00", "title": "Fedora 8 : mantis-1.1.0-1.fc8 (2008-0353)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6611"], "modified": "2008-01-07T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:8", "p-cpe:/a:fedoraproject:fedora:mantis-config-httpd", "p-cpe:/a:fedoraproject:fedora:mantis"], "id": "FEDORA_2008-0353.NASL", "href": "https://www.tenable.com/plugins/nessus/29865", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-0353.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29865);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-6611\");\n script_bugtraq_id(27045);\n script_xref(name:\"FEDORA\", value:\"2008-0353\");\n\n script_name(english:\"Fedora 8 : mantis-1.1.0-1.fc8 (2008-0353)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Please note this is a major mantis release, and a upgrade to the DB\nschema is needed.\n\nPlease refer to the package documentation to complete the upgrade.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=427277\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=427279\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-January/006662.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?33609af0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mantis and / or mantis-config-httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mantis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mantis-config-httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"mantis-1.1.0-1.fc8\")) flag++;\nif (rpm_check(release:\"FC8\", reference:\"mantis-config-httpd-1.1.0-1.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mantis / mantis-config-httpd\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-06T09:44:55", "description": "Several remote vulnerabilities have been discovered in Mantis, a\nweb-based bug tracking system. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2006-6574\n Custom fields were not appropriately protected by\n per-item access control, allowing for sensitive data to\n be published.\n\n - CVE-2007-6611\n Multiple cross site scripting issues allowed a remote\n attacker to insert malicious HTML or web script into\n Mantis web pages.", "edition": 25, "published": "2008-01-21T00:00:00", "title": "Debian DSA-1467-1 : mantis - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6611", "CVE-2006-6574"], "modified": "2008-01-21T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.1", "p-cpe:/a:debian:debian_linux:mantis"], "id": "DEBIAN_DSA-1467.NASL", "href": "https://www.tenable.com/plugins/nessus/30023", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1467. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(30023);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-6574\", \"CVE-2007-6611\");\n script_bugtraq_id(27045);\n script_xref(name:\"DSA\", value:\"1467\");\n\n script_name(english:\"Debian DSA-1467-1 : mantis - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in Mantis, a\nweb-based bug tracking system. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2006-6574\n Custom fields were not appropriately protected by\n per-item access control, allowing for sensitive data to\n be published.\n\n - CVE-2007-6611\n Multiple cross site scripting issues allowed a remote\n attacker to insert malicious HTML or web script into\n Mantis web pages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=402802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458377\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-6574\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6611\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2008/dsa-1467\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mantis package.\n\nFor the old stable distribution (sarge), these problems have been\nfixed in version 0.19.2-5sarge5.\n\nThe stable distribution (etch) is not affected by these problems.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mantis\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/21\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/08/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"mantis\", reference:\"0.19.2-5sarge5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:21", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6611"], "edition": 1, "description": "### Background\n\nMantis is a web-based bug tracking system. \n\n### Description\n\nseiji reported that the filename for the uploaded file in bug_report.php is not properly sanitised before being stored. \n\n### Impact\n\nA remote attacker could upload a file with a specially crafted to a bug report, resulting in the execution of arbitrary HTML and script code within the context of the users's browser. Note that this vulnerability is only exploitable by authenticated users. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Mantis users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-apps/mantisbt-1.0.8-r1\"", "modified": "2008-03-03T00:00:00", "published": "2008-03-03T00:00:00", "id": "GLSA-200803-04", "href": "https://security.gentoo.org/glsa/200803-04", "type": "gentoo", "title": "Mantis: Cross-Site Scripting", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "debian": [{"lastseen": "2019-05-30T02:21:37", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6611", "CVE-2006-6574"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1467-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nJanuary 19, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : mantis\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2006-6574 CVE-2007-6611\nDebian Bug : 402802 458377\n\nSeveral remote vulnerabilities have been discovered in Mantis, a web based\nbug tracking system. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2006-6574\n\n Custom fields were not appropriately protected by per-item access\n control, allowing for sensitive data to be published.\n\nCVE-2007-6611\n\n Multiple cross site scripting issues allowed a remote attacker to\n insert malicious HTML or web script into Mantis web pages.\n\t\nThe stable distribution (etch) is not affected by these problems.\n\nFor the old stable distribution (sarge), these problems have been fixed in\nversion 0.19.2-5sarge5.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.8-4.\n\nWe recommend that you upgrade your mantis package.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/m/mantis/mantis_0.19.2-5sarge5.dsc\n Size/MD5 checksum: 874 176c95ad5f1142fcb9364540fd19eeea\n http://security.debian.org/pool/updates/main/m/mantis/mantis_0.19.2.orig.tar.gz\n Size/MD5 checksum: 1298615 042c42c6de3bc536181391c1e9b25db3\n http://security.debian.org/pool/updates/main/m/mantis/mantis_0.19.2-5sarge5.diff.gz\n Size/MD5 checksum: 46292 b1c5f077e0046c5b33d77e99a2b4ffe5\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/m/mantis/mantis_0.19.2-5sarge5_all.deb\n Size/MD5 checksum: 898014 5708305cbd20cde4825b3adb7d72d3a1\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 2, "modified": "2008-01-19T12:42:13", "published": "2008-01-19T12:42:13", "id": "DEBIAN:DSA-1467-1:E6B75", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00026.html", "title": "[SECURITY] [DSA 1467-1] New mantis packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}]}
