Bug 169220 - File inclusion, upload, XSS, and SQL injection vulnerabilities
File inclusion, upload, XSS, and SQL injection vulnerabilities
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: mantis (Show other bugs)
4
All Linux
medium Severity medium
: ---
: ---
Assigned To: Gianluca Sforna
Fedora Extras Quality Assurance
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-09-25 05:26 EDT by Ville Skyttä
Modified: 2007-11-30 17:11 EST (History)
3 users (show)

See Also:
Fixed In Version: 0.19.4-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-10-20 18:51:44 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Comment 1 Ville Skyttä 2005-10-22 03:38:26 EDT
ping 
Comment 2 Ville Skyttä 2005-10-26 17:13:17 EDT
...and the newest one, rated highly critical: 
http://secunia.com/advisories/16818/ 
Comment 3 Ville Skyttä 2005-12-22 17:26:31 EST
There's more: 0.19.4 fixes:

- #0006419: [security] File Upload Vulnerability (TKADV2005-11-002) (thraxisp)
- #0006420: [security] Injection Vulnerabilities in Filters (TKADV2005-11-002)
(thraxisp)
- #0006457: [security] SQL Injection in manage user page (TKADV2005-11-002)
(vboctor)
- #0006460: [security] HTTP Header CRLF Injection (TKADV2005-11-002) (vboctor)
- #0006486: [security] Port XSS Vulnerability in filters (TKADV2005-11-002)
(thraxisp)

http://seclists.org/lists/fulldisclosure/2005/Dec/1214.html
Comment 4 Roozbeh Pournader 2006-01-02 05:37:54 EST
Extras currently has mantis-0.19.4-1.fc4. So most of these are irrelevant.

> http://www.gentoo.org/security/en/glsa/glsa-200509-16.xml

This is only for < 0.19.2.

> http://secunia.com/advisories/16818/

This is only for < 0.19.3.

> http://seclists.org/lists/fulldisclosure/2005/Dec/1214.html

Again, these are for < 0.19.4.

> http://secunia.com/advisories/16506/

In this, it says that from the five vulnerabilities listed, three are fixed in
0.19.3. Ville, would you please investigate the other two (#3 and #4 in the
referred page) further?
Comment 5 Ville Skyttä 2006-01-02 10:55:14 EST
(In reply to comment #4)
> Extras currently has mantis-0.19.4-1.fc4. So most of these are irrelevant.

They were not irrelevant at the time I reported them :)

> Ville, would you please investigate the other two (#3 and #4 in the
> referred page) further?

Sorry, I don't have time for that (I don't have any use for mantis myself); I'm
just reporting security bugs I happen to notice somewhere that don't seem to be
fixed in Extras.
Comment 6 Dennis Gilmore 2006-03-09 14:12:19 EST
Enrico  can i please ask you to check on the last few remaining issues here 
please? 
Comment 7 Dennis Gilmore 2006-09-15 11:03:23 EDT
Enrico,

Please ensure that all issues are fixed.  

If not I will request that mantis be removed from extras for FC-6 
Comment 8 Ville Skyttä 2006-10-10 13:48:21 EDT
Reassign to current maintainer.
Comment 9 Gianluca Sforna 2006-10-20 18:51:44 EDT
I had a look at the reports: what I understand is that all issues are addressed
in the currently distributed versions.

The only unsure reports are #3 and #4 in

http://secunia.com/advisories/16506/

but it looks like they are not detailed enough to understand how/if the app is
vulnerable.

closing CURRENTRELEASE


Note You need to log in before you can comment on or make changes to this bug.