Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
FreeBSD Ports: mantis
Information
Severity
Severity
Critical
Family
Family
FreeBSD Local Security Checks
CVSSv2 Base
CVSSv2 Base
9.0
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:S/C:C/I:C/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
15 years ago
Modified
Modified
7 years ago
Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Insight
Insight
The following package is affected: mantis CVE-2008-4687 manage_proj_page.php in Mantis before 1.1.4 allows remote authenticated users to execute arbitrary code via a sort parameter containing PHP sequences, which are processed by create_function within the multi_sort function in core/utility_api.php.
Solution
Solution
Update your system with the appropriate patches or software upgrades. http://secunia.com/advisories/32314/ http://www.vuxml.org/freebsd/af2745c0-c3e0-11dd-a721-0030843d3802.html