Mantis Configuration Remote File Include Command Execution Vulnerability

Bugtraq ID: 5509
Class: Design Error
CVE: CVE-2002-1114
Remote: Yes
Local: No
Published: Aug 19 2002 12:00AM
Updated: Jul 11 2009 03:56PM
Credit: Discovery of this issue is credited to Andrew Johnson. The Debian Security Team also independently discovered this issue.
Vulnerable: Mantis Mantis 0.17.3
Mantis Mantis 0.17.2
Mantis Mantis 0.17.1
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
Mantis Mantis 0.17 .0
Not Vulnerable: Mantis Mantis 0.17.4 a
Mantis Mantis 0.17.4


 

Privacy Statement
Copyright 2010, SecurityFocus