Date: Fri, 18 Jan 2013 13:04:48 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: David Hicks <d@...id.au>, Jakub Galczyk <jakub.galczyk@...il.com>
Subject: Re: CVE request: MantisBT before 1.2.13 match_type XSS vulnerability


On 01/18/2013 04:31 AM, David Hicks wrote:
> Hi list,
> 
> Jakub Galczyk discovered[1][2] a cross site scripting (XSS) 
> vulnerability in MantisBT 1.2.12 and earlier versions that allows
> a malicious person to trick the browser of a target user into
> executing arbitrary JavaScript via the URL:
> search.php?match_type="><script...
> 
> This vulnerability is particularly wide reaching due to search.php
> being usable by anonymous users on public facing installations of
> MantisBT (no user account required).
> 
> Patches against 1.2.x and master branches are attached and
> alternatively available at [2].
> 
> References:
> [1] http://hauntit.blogspot.de/2013/01/en-mantis-bug-tracker-1212-persistent.html
> [2] http://www.mantisbt.org/bugs/view.php?id=15373
> 
> The MantisBT project will release MantisBT 1.2.13 shortly and
> advise popular Linux distributions packaging MantisBT to either
> apply the patch or bump package versions to 1.2.13.
> 
> Can a CVE ID please be assigned to this issue?
> 
> With thanks,
> David Hicks
> MantisBT Developer
> #mantisbt irc.freenode.net
> http://www.mantisbt.org/bugs/
> 
> Bcc: mantisbt-dev@...ts.sourceforge.net
> 

Please use CVE-2013-0197 for this issue.

-- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
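As an added illustration (not MantisBT's own code and not from the report above), the pattern this class of bug comes down to: a request parameter reflected into a double-quoted HTML attribute, shown beside the output-encoded form and checked against a value of the shape given in the report (`match_type="><script...`). The function names are hypothetical; the parameter name follows the post.

```php
<?php
// Added example, not MantisBT's code. Renders a hidden field carrying the
// "match_type" request parameter, first unencoded, then attribute-encoded.

// Vulnerable form: the raw query value is dropped into a double-quoted
// attribute. A value beginning with '">' closes the attribute and the tag,
// so whatever follows is parsed as markup instead of as attribute text.
function render_match_type_unsafe(string $match_type): string {
    return '<input type="hidden" name="match_type" value="' . $match_type . '">';
}

// Hardened form: encode for the HTML attribute context. ENT_QUOTES covers
// both quote characters; naming the charset avoids charset-dependent gaps.
function render_match_type_safe(string $match_type): string {
    $encoded = htmlspecialchars($match_type, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<input type="hidden" name="match_type" value="' . $encoded . '">';
}

// Unit-test style check: the attribute value must not contain a literal
// quote or angle bracket, otherwise the value escaped its context.
function attribute_value_is_contained(string $html): bool {
    if (!preg_match('/value="(.*)">$/s', $html, $m)) {
        return false;
    }
    return strpbrk($m[1], '<>"') === false;
}

// Constructed sample in the shape of the reported value.
$sample = '"><script>x</script>';

printf("unsafe rendering contained: %s\n",
    var_export(attribute_value_is_contained(render_match_type_unsafe($sample)), true));
printf("safe rendering contained:   %s\n",
    var_export(attribute_value_is_contained(render_match_type_safe($sample)), true));
```

The same check applied across every place a request parameter reaches an attribute is what turns a one-off patch into a regression test.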

