
Mantis < 1.1.2 account_prefs_update.php language Parameter Traversal Local File Inclusion

High

Synopsis

The remote host is vulnerable to a directory traversal flaw.

Description

The remote host is running Mantis Bug Tracker.

The version of Mantis Bug Tracker installed on the remote host does not properly sanitize user-supplied input to the 'language' parameter of the 'account_prefs_update.php' script. An attacker can gain read access to local files or execute arbitrary files that are already present on the web server. To exploit this flaw, an attacker would send a specially crafted 'language' parameter to the affected script; this parameter would likely contain file names preceded by directory-traversal strings.
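The following is an added illustration, not code from Mantis or from this advisory, of the two controls a defender wants around a parameter like 'language' that selects a file on disk: a strict allow-list that maps the parameter to a known file and refuses anything that resolves outside the language directory, and a log check that flags requests to the affected script whose 'language' value decodes to a traversal sequence. The language directory, the `strings_<lang>.txt` file naming, the set of installed languages, and the access-log lines are all constructed assumptions for the example.

```python
import os
import re
from urllib.parse import unquote

# Constructed assumptions: a hypothetical install path and installed language set.
LANG_DIR = "/var/www/mantis/lang"
INSTALLED_LANGUAGES = {"english", "german", "french"}

# The parameter must be a plain lowercase identifier; anything else is rejected
# before it is ever combined with a path.
LANG_TOKEN = re.compile(r"[a-z_]{1,32}")


def validate_language(value):
    """Return the language name if it is a known, well-formed token, else None."""
    if not isinstance(value, str) or not LANG_TOKEN.fullmatch(value):
        return None
    if value not in INSTALLED_LANGUAGES:
        return None
    return value


def language_file_path(value):
    """Map a validated language to its strings file, confined to LANG_DIR."""
    lang = validate_language(value)
    if lang is None:
        return None
    path = os.path.normpath(os.path.join(LANG_DIR, f"strings_{lang}.txt"))
    # Defence in depth: even after the allow-list, the resolved path must stay
    # under LANG_DIR (catches future mistakes in how the name is built).
    if os.path.commonpath([LANG_DIR, path]) != LANG_DIR:
        return None
    return path


def is_traversal_attempt(decoded_value):
    """True if a decoded parameter value looks like a path rather than a language name."""
    return (
        ".." in decoded_value
        or "\x00" in decoded_value
        or decoded_value.startswith(("/", "\\"))
    )


REQUEST_LINE = re.compile(r'"(?:GET|POST) (\S+)')


def flag_suspicious_requests(log_lines):
    """Return (client_ip, decoded_language) for requests to the affected script
    whose 'language' parameter carries a traversal sequence."""
    hits = []
    for line in log_lines:
        m = REQUEST_LINE.search(line)
        if not m:
            continue
        url = m.group(1)
        if "account_prefs_update.php" not in url or "language=" not in url:
            continue
        raw = url.split("language=", 1)[1].split("&", 1)[0]
        decoded = unquote(raw)  # percent-decode so %2e%2e%2f is seen as ../
        if is_traversal_attempt(decoded):
            hits.append((line.split(" ", 1)[0], decoded))
    return hits


# Constructed sample access-log lines (Apache combined-style), not real traffic.
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2008:10:00:00 +0000] "GET /mantis/account_prefs_update.php?language=english HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/Jan/2008:10:00:01 +0000] "GET /mantis/account_prefs_update.php?language=../../../../some/local/file%00 HTTP/1.1" 200 4096',
    '10.0.0.9 - - [01/Jan/2008:10:00:02 +0000] "POST /mantis/account_prefs_update.php?language=..%2F..%2Fuploads%2Fx HTTP/1.1" 200 300',
]


if __name__ == "__main__":
    for candidate in ("english", "../../../../some/local/file", "english\x00"):
        print(repr(candidate), "->", language_file_path(candidate))
    for ip, value in flag_suspicious_requests(SAMPLE_LOG):
        print("traversal attempt from", ip, ":", repr(value))
```

The allow-list is the actual fix: the parameter never reaches a filesystem call unless it names a language the installation knows about, which also removes the null-byte and encoded-slash tricks from consideration entirely. The log check is a cheap retrospective signal for an unpatched host; a request that is flagged and answered with a 200 deserves a look at what the server returned.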

Solution

Upgrade to version 1.1.2 or higher.