MantisBT SQL Injection Vulnerability -01 November14

Summary
MantisBT is installed on this host and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to inject or manipulate SQL queries in the backend database, execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server, execute arbitrary PHP code, bypass security mechanisms, conduct open redirect and phishing attacks, assign arbitrary issues, and obtain sensitive information.

Impact Level: Application
Solution
Upgrade to MantisBT version 1.2.18 or later. For updates refer to http://www.mantisbt.org/download.php
Insight
Multiple flaws exist due to:
- an error in the 'mc_project_get_attachments' function in the api/soap/mc_project_api.php script, which does not properly sanitize user-supplied input before using it in SQL queries.
- the view_all_bug_page.php script not properly sanitizing user-supplied input to the 'sort' and 'dir' parameters to view_all_set.php.
- null byte poisoning in LDAP authentication.
- the copy_field.php script, which does not validate input to the 'dest_id' parameter before returning it to users.
- input passed via the 'filter' parameter not being properly sanitized by the 'current_user_get_bug_filter' function in the core/current_user_api.php script.
- an error in the CAPTCHA system that is triggered upon registration.
- an error in user rights to see a given ticket and its related issues.
- the application not validating the 'return' parameter upon submission to the /bugs/login_page.php script.
- input passed via the 'handler_id' parameter not being properly sanitized when passed via the bug_report.php script.
- an error in the 'mci_account_get_array_by_id' function in the api/soap/mc_account_api.php script.
Affected
MantisBT version 1.2.17 and earlier
Detection
Get the installed version with the help of the detect NVT and check whether the version is vulnerable.