9 matches found
Fedora Update for mantis FEDORA-2015-12010
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MantisBT 1.3.0-beta.1 Multiple Vulnerabilities
Binary data 8907.prm...
Fedora 20 : mantis-1.2.19-1.fc20 (2015-1364)
Security fix for CVE-2014-9571, CVE-2014-9572, CVE-2014-9573 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora 21 : mantis-1.2.19-1.fc21 (2015-1419)
Security fix for CVE-2014-9571, CVE-2014-9572, CVE-2014-9573 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora Update for mantis FEDORA-2015-1419
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Multiple vulnerabilities in MantisBT
Advisory ID: HTB23243 Product: MantisBT Vendor: MantisBT Team Vulnerable Versions: 1.2.17 and probably prior Tested Version: 1.2.17 Advisory Publication: December 3, 2014 without technical details Vendor Notification: December 3, 2014 Vendor Patch: January 25, 2015 Public Disclosure: January 28,...
MantisBT 1.2.17 XSS / Improper Access Control / SQL Injection Vulnerabilities
MantisBT version 1.2.17 suffers from improper access control, cross site scripting, and remote SQL injection vulnerabilities. Product: MantisBT Vendor: MantisBT Team Vulnerable Versions: 1.2.17 and probably prior Tested Version: 1.2.17 Advisory Publication: December 3, 2014 without technical...
MantisBT 1.2.17 XSS / Improper Access Control / SQL Injection
Advisory ID: HTB23243 Product: MantisBT Vendor: MantisBT Team Vulnerable Versions: 1.2.17 and probably prior Tested Version: 1.2.17 Advisory Publication: December 3, 2014 without technical details Vendor Notification: December 3, 2014 Vendor Patch: January 25, 2015 Public Disclosure: January 28,...
CVE-2014-9572
CVE-2014-9572 affects MantisBT versions prior to 1.2.19 and 1.3.x prior to 1.3.0-beta.2. The issue is improper access restriction on the file path /*/install.php, allowing remote attackers to obtain database credentials via the install parameter with the value 4. This is a credential disclosure d...