Mantis < 1.1.2 account_prefs_update.php language Parameter Traversal Local File Inclusion
High Nessus Network Monitor Plugin ID 4605
Synopsis
The remote host is vulnerable to a directory traversal flaw.
Description
The remote host is running Mantis Bug Tracker.
The version of Mantis Bug Tracker installed on the remote host does not properly validate user-supplied data passed in the 'language' parameter of the 'account_prefs_update.php' script. An attacker can gain 'read' access to local files or execute arbitrary files that are already present on the web server. An attacker exploiting this flaw would send a specially formatted 'language' parameter to the affected script; the parameter would most likely contain file names preceded by directory-traversal strings.
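The two defensive controls this class of flaw calls for, as an added example that is not Mantis code and not part of the plugin: an allowlist check that a 'language' value must pass before it can influence any file path, and a scan of web-server access-log lines for requests to account_prefs_update.php whose 'language' parameter carries traversal sequences. The allowlist contents and the log lines are constructed for the example.

```python
import re
from typing import List, Optional, Tuple
from urllib.parse import urlsplit, parse_qs, unquote

# Hypothetical allowlist; a real deployment would derive it from the
# language files that actually ship with the installation.
ALLOWED_LANGUAGES = {"english", "german", "french", "spanish"}


def validate_language(value: str) -> Optional[str]:
    """Accept only an exact, known language name; reject anything that
    could act as a path (dots, slashes, encoded bytes, unknown names)."""
    if not isinstance(value, str) or not re.fullmatch(r"[a-z_]{2,32}", value):
        return None
    return value if value in ALLOWED_LANGUAGES else None


# Traversal indicators, matched after a second percent-decode so that
# double-encoded forms are caught as well as the literal "../".
_TRAVERSAL = re.compile(r"(\.\./|\.\.\\)")


def suspicious_requests(log_lines: List[str]) -> List[Tuple[str, str]]:
    """Return (client_ip, decoded_language) for requests to
    account_prefs_update.php whose 'language' value contains traversal."""
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) < 7:
            continue  # not a common-log-format line
        ip, target = parts[0], parts[6]
        url = urlsplit(target)
        if not url.path.endswith("account_prefs_update.php"):
            continue
        for lang in parse_qs(url.query).get("language", []):
            decoded = unquote(lang)  # parse_qs already decoded once
            if _TRAVERSAL.search(decoded):
                hits.append((ip, decoded))
    return hits


# Constructed sample access-log lines (common log format).
SAMPLE_LOGS = [
    '10.0.0.5 - - [01/Jan/2008:10:00:00 +0000] "GET /mantis/account_prefs_update.php?language=english HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/Jan/2008:10:00:01 +0000] "GET /mantis/account_prefs_update.php?language=..%2F..%2F..%2Fsome_local_file HTTP/1.1" 200 1024',
    '10.0.0.7 - - [01/Jan/2008:10:00:02 +0000] "GET /mantis/view.php?id=12 HTTP/1.1" 200 2048',
]
```

A parameter sent in a POST body does not appear in a standard access log, so the log scan only covers query-string submissions; request-body logging or a WAF in front of the application is needed to see the rest.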
Solution
Upgrade to version 1.1.2 or higher.