Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Solution
Update your system with the appropriate patches or software upgrades.
http://secunia.com/advisories/32314/
http://www.vuxml.org/freebsd/af2745c0-c3e0-11dd-a721-0030843d3802.html
Insight
The following package is affected: mantis
CVE-2008-4687
manage_proj_page.php in Mantis before 1.1.4 allows remote authenticated users to execute arbitrary code via a sort parameter containing PHP sequences, which are processed by create_function within the multi_sort function in core/utility_api.php.
Severity
Classification
-
CVE CVE-2008-4687 -
CVSS Base Score: 9.0
AV:N/AC:L/Au:S/C:C/I:C/A:C
Related Vulnerabilities