Hi,
Mantis is php/MySQL/web based bug tracking system, available at
http://mantisbt.sourceforge.net/.
It currently suffers from a classical PHP bad coding practice (altough i
would bet on distraction for this particular situation ), that may
result on remote command execution via a include file.
Users affected should aply the quick fix bellow, other acordingly, or
update mantisbt via CVS.
Affected versions should include the latest available for download ( at
the time of writing, 0.17.3), as well as the previous ones that include
the jpgraph feature.
Regards,
Joao Gouveia
------------
tharbad@kaotik.org
-----Original Message-----
From: mantisbt-announce-admin@lists.sourceforge.net
[mailto:mantisbt-announce-admin@lists.sourceforge.net] On Behalf Of
Kenzaburo Ito
Sent: Tuesday, August 13, 2002 02:34
To: mantisbt-announce@lists.sourceforge.net
Subject: [Mantisbt-announce] Security Advisory
All,
There is a security hole in summary_graph_functions.php. Users may be
able to run code remotely. To fix, insert these lines at the top:
if ( isset($HTTP_GET_VARS['g_jpgraph_path']) ||
isset($HTTP_POST_VARS['g_jpgraph_path']) ||
isset($HTTP_COOKIE_VARS['g_jpgraph_path']) ) {
exit;
}
Thanks go to Joao Gouveia: tharbad@kaotik.org
Thanks,
-Ken
Mantis is php/MySQL/web based bug tracking system, available at
http://mantisbt.sourceforge.net/.
It currently suffers from a classical PHP bad coding practice (altough i
would bet on distraction for this particular situation ), that may
result on remote command execution via a include file.
Users affected should aply the quick fix bellow, other acordingly, or
update mantisbt via CVS.
Affected versions should include the latest available for download ( at
the time of writing, 0.17.3), as well as the previous ones that include
the jpgraph feature.
Regards,
Joao Gouveia
------------
tharbad@kaotik.org
-----Original Message-----
From: mantisbt-announce-admin@lists.sourceforge.net
[mailto:mantisbt-announce-admin@lists.sourceforge.net] On Behalf Of
Kenzaburo Ito
Sent: Tuesday, August 13, 2002 02:34
To: mantisbt-announce@lists.sourceforge.net
Subject: [Mantisbt-announce] Security Advisory
All,
There is a security hole in summary_graph_functions.php. Users may be
able to run code remotely. To fix, insert these lines at the top:
if ( isset($HTTP_GET_VARS['g_jpgraph_path']) ||
isset($HTTP_POST_VARS['g_jpgraph_path']) ||
isset($HTTP_COOKIE_VARS['g_jpgraph_path']) ) {
exit;
}
Thanks go to Joao Gouveia: tharbad@kaotik.org
Thanks,
-Ken