NASLDB: FreeBSD : mantis -- multiple vulnerabilities (55587adb-b49d-11e1-8df1-0004aca374af)
General
ID: 59466
Name: FreeBSD : mantis -- multiple vulnerabilities (55587adb-b49d-11e1-8df1-0004aca374af)
Summary: Checks for updated package in pkg_info output
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Temporal Vector: –
Port: 0
Family: FreeBSD Local Security Checks
Type: Local
Description
Mantis reports:
Roland Becker and Damien Regad (MantisBT developers) found that any
user able to report issues via the SOAP interface could also modify
any bugnotes (comments) created by other users. In a default/typical
MantisBT installation, SOAP API is enabled and any user can sign up to
report new issues. This vulnerability therefore impacts upon many
public facing MantisBT installations.
Roland Becker (MantisBT developer) found that the
delete_attachments_threshold permission was not being checked when a
user attempted to delete an attachment from an issue. The more generic
update_bug_threshold permission was being checked instead. MantisBT
administrators may have been under the false impression that their
configuration of the delete_attachments_threshold was successfully
preventing unwanted users from deleting attachments.
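The second issue is a classic wrong-permission check: the action-specific threshold is configured but never consulted, so the effective policy is whatever the generic threshold says. The following Python model is an added illustration, not MantisBT code. MantisBT expresses permissions as numeric access levels compared against per-action thresholds; the level names, their numeric values, and the default thresholds used below (update_bug_threshold at UPDATER, delete_attachments_threshold at DEVELOPER) are assumptions taken from MantisBT's defaults, not values stated on this page. The audit() helper answers the question an administrator would ask after reading the advisory: given my configuration, which access levels could delete attachments even though I believed they were blocked?

```python
"""Model of the delete_attachments_threshold check before and after the fix.

Added example (not MantisBT's own code). Access levels and default
thresholds are assumptions based on MantisBT defaults.
"""

# Assumed MantisBT access levels (numeric, higher is more privileged).
VIEWER, REPORTER, UPDATER, DEVELOPER, MANAGER, ADMINISTRATOR = 10, 25, 40, 55, 70, 90

ACCESS_LEVELS = {
    "VIEWER": VIEWER,
    "REPORTER": REPORTER,
    "UPDATER": UPDATER,
    "DEVELOPER": DEVELOPER,
    "MANAGER": MANAGER,
    "ADMINISTRATOR": ADMINISTRATOR,
}

# Assumed default thresholds: updating a bug needs UPDATER, deleting an
# attachment is meant to need DEVELOPER.
DEFAULT_CONFIG = {
    "update_bug_threshold": UPDATER,
    "delete_attachments_threshold": DEVELOPER,
}


def has_bug_level(user_level: int, threshold: int) -> bool:
    """Threshold check: the user may act if their level reaches the threshold."""
    return user_level >= threshold


def can_delete_attachment_vulnerable(user_level: int, config=DEFAULT_CONFIG) -> bool:
    """Pre-fix behaviour described in the advisory: the generic
    update_bug_threshold is consulted; delete_attachments_threshold is ignored."""
    return has_bug_level(user_level, config["update_bug_threshold"])


def can_delete_attachment_fixed(user_level: int, config=DEFAULT_CONFIG) -> bool:
    """Fixed behaviour: the action-specific threshold gates deletion."""
    return has_bug_level(user_level, config["delete_attachments_threshold"])


def audit(config=DEFAULT_CONFIG) -> list:
    """Access levels that were allowed to delete attachments under the bug
    but are denied once the correct threshold is checked. These are the
    users the configuration was believed to block but did not."""
    return [
        name
        for name, level in ACCESS_LEVELS.items()
        if can_delete_attachment_vulnerable(level, config)
        and not can_delete_attachment_fixed(level, config)
    ]


if __name__ == "__main__":
    print("exposed with defaults:", audit())
    strict = dict(DEFAULT_CONFIG, delete_attachments_threshold=MANAGER)
    print("exposed with delete_attachments_threshold=MANAGER:", audit(strict))
```

Raising delete_attachments_threshold in the vulnerable version widens the gap rather than closing it: every level between update_bug_threshold and the configured deletion threshold is exposed, which is why the advisory warns that administrators may have had a false sense of what their setting enforced.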
Exploiting
Exploit Available: –
Exploitability Ease: –
Sources
CVE: CVE-2012-2691
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: 2012/06/09
Patch Release: 2012/06/12
Plugin Release: 2012/06/13
Plugin
Version: 1.3
Filename: freebsd_pkg_55587adbb49d11e18df10004aca374af.nasl
Filesize: 5098 bytes
MD5 Hash: 15ccfd3284187845ea4f15471d2c2769
Identification: Host/local_checks_enabled
Require Keys: "Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info"
Dependencies: "ssh_get_info.nasl"
Copyright: This script is © 2012 Tenable Network Security, Inc.
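The plugin is a local check: it reads the host's pkg_info output (the Host/FreeBSD/pkg_info key) and compares the installed mantis version against the fixed version. The Python below is an added example of that detection logic, not Tenable's plugin and not its NASL source. It parses constructed pkg_info lines (the old pkg_tools "name-version  comment" format), locates a package by name, and orders versions with a simplified model of FreeBSD package version semantics (epoch after a comma compared first, then dotted components, then the port revision after an underscore; alphabetic suffixes are compared lexicographically, which is a simplification). The fixed version 1.2.11 is an assumption taken from the MantisBT release that addressed CVE-2012-2691; this page does not state it.

```python
"""Local check modelled on "Checks for updated package in pkg_info output".

Added example, not the Nessus plugin. FIXED_VERSION is an assumption.
"""
import re
from typing import Optional

# Constructed sample of pkg_info output (pkg_tools format), not captured
# from a real host.
SAMPLE_PKG_INFO = """\
apache-2.2.22_5     Version 2.2.x of Apache web server with prefork MPM.
mantis-1.2.10       Bug tracking system written in PHP
php5-5.3.13         PHP Scripting Language
"""

# Assumed fixed version (MantisBT 1.2.11); not stated on this page.
FIXED_VERSION = "1.2.11"

# "name-version" where the name may itself contain dashes; the version is
# everything after the last dash up to whitespace.
_PKG_RE = re.compile(r"^(?P<name>\S+)-(?P<version>[^-\s]+)(?:\s+|$)")


def version_key(version: str):
    """Sort key for a FreeBSD-style package version.

    Layout is version[_revision][,epoch]. Epoch dominates, then the dotted
    version components (numeric part compared as an integer, any trailing
    letters compared as text), then the port revision. Simplified model:
    it does not reproduce every rule of pkg_version(1).
    """
    epoch = 0
    if "," in version:
        version, epoch_str = version.rsplit(",", 1)
        epoch = int(epoch_str)
    revision = 0
    if "_" in version:
        version, rev_str = version.rsplit("_", 1)
        revision = int(rev_str)
    parts = []
    for comp in version.split("."):
        m = re.fullmatch(r"(\d*)(.*)", comp)
        num = int(m.group(1)) if m.group(1) else 0
        parts.append((num, m.group(2)))
    return (epoch, tuple(parts), revision)


def find_package(pkg_info_text: str, name: str) -> Optional[str]:
    """Return the installed version of `name`, or None if it is not listed."""
    for line in pkg_info_text.splitlines():
        m = _PKG_RE.match(line)
        if m and m.group("name") == name:
            return m.group("version")
    return None


def is_vulnerable(pkg_info_text: str, name: str = "mantis",
                  fixed: str = FIXED_VERSION) -> Optional[bool]:
    """Tri-state result: None if the package is absent (nothing to report),
    True if the installed version is older than the fix, False otherwise."""
    installed = find_package(pkg_info_text, name)
    if installed is None:
        return None
    return version_key(installed) < version_key(fixed)


if __name__ == "__main__":
    installed = find_package(SAMPLE_PKG_INFO, "mantis")
    print(f"mantis installed: {installed}, fixed: {FIXED_VERSION}, "
          f"vulnerable: {is_vulnerable(SAMPLE_PKG_INFO)}")
```

The epoch handling matters for this kind of check: a port that bumped its epoch (for example mantis-1.2.10,1) sorts above 1.2.11 and must not be flagged, which a naive string or dotted-number comparison would get wrong.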