Date: Fri, 28 Feb 2014 18:34:44 +0100
From: Damien Regad <dregad@...tisbt.org>
To: oss-security@...ts.openwall.com
Subject: CVE request: MantisBT 1.2.13 SQL injection vulnerability

Greetings

Jakub Galczyk (HauntIT blog http://hauntit.blogspot.com/) discovered an
SQL injection vulnerability affecting MantisBT >= 1.2.13.

admin_config_report.php relied on unsanitized, inlined query parameters, 
enabling a malicious user to perform an SQL injection attack.

The criticality of this issue is compounded by the fact that typically a 
high-privilege account (i.e. having an access level >= 
$g_view_configuration_threshold, which is set to ADMINISTRATOR by 
default) is required to access this page.

Patches are attached to [1]. Can you please assign a CVE ID to this issue?

Thank you

D. Regad
MantisBT Developer
http://mantisbt.org/

[1] http://www.mantisbt.org/bugs/view.php?id=17055
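The bug class named in the report above (a request parameter inlined into SQL text rather than bound as a query parameter) is illustrated below with a constructed in-memory SQLite table. This is an added example and is not MantisBT's code; the table, column names, sample rows and the `report_*` functions are hypothetical stand-ins for a config report page, and the fix shown (binding the value with a placeholder) is the generic remedy, not a description of the patches at [1].

```python
"""Inlined vs. bound query parameters (added illustration; hypothetical, not MantisBT code)."""
import sqlite3

# Constructed sample data standing in for a config table; not the real schema.
SAMPLE_ROWS = [
    ("view_configuration_threshold", "90", "public"),
    ("db_password", "s3cret", "private"),
    ("smtp_password", "hunter2", "private"),
]


def make_db():
    """Build an in-memory table so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE config (config_option TEXT, value TEXT, visibility TEXT)"
    )
    conn.executemany("INSERT INTO config VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def report_vulnerable(conn, option_filter):
    """Attacker-controlled value spliced into the SQL string (the bug class)."""
    sql = (
        "SELECT config_option, value FROM config "
        "WHERE visibility = 'public' AND config_option = '%s'" % option_filter
    )
    return conn.execute(sql).fetchall()


def report_fixed(conn, option_filter):
    """Same query with the value bound as a parameter: it is data, never SQL."""
    sql = (
        "SELECT config_option, value FROM config "
        "WHERE visibility = 'public' AND config_option = ?"
    )
    return conn.execute(sql, (option_filter,)).fetchall()


# A classic tautology payload; in the inlined query AND binds tighter than OR,
# so the visibility restriction is bypassed and every row comes back.
INJECTED = "x' OR '1'='1"


def demo():
    """Run both variants with a benign and an injected filter value."""
    conn = make_db()
    benign = "view_configuration_threshold"
    return {
        "benign_vulnerable": report_vulnerable(conn, benign),
        "injected_vulnerable": report_vulnerable(conn, INJECTED),
        "benign_fixed": report_fixed(conn, benign),
        "injected_fixed": report_fixed(conn, INJECTED),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

With the inlined query the injected filter returns all three rows, private ones included; the bound query treats the same string as a literal option name and returns nothing. The check a practitioner applies when reviewing a report like this one is that the SQL text passed to the driver contains no request-derived substrings at all, only placeholders.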
