oss-sec mailing list archives
Re: CVE Request: information disclosure in MantisBT attachments
From: cve-assign () mitre org
Date: Wed, 19 Nov 2014 18:14:10 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

MantisBT issue attachments can be downloaded without permission. Due to an incorrect access check, by guessing the download URL correctly, unprivileged users can download files from a private project with restricted access to attachments, i.e. where $g_download_attachments_threshold / $g_view_attachments_threshold are set e.g. to 55 (developer), if another project to which they have access does not restrict attachments download.

http://github.com/mantisbt/mantisbt/commit/5f0b150b79868ea9d791e2c46b45b3f41b410e50
http://www.mantisbt.org/bugs/view.php?id=17742

Use CVE-2014-8988.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJUbSKQAAoJEKllVAevmvmsYkoH/RBI5X7xjf89SuLHRtWnKEim
2lWoyMDGZYmfCVTobud4K+zsAAnXE3t5MVQBXHbjxP2rgKSFtMl6P1c6nsf9plrI
YqudUDmQfYyeq5mbOp2gSRRwyYYbO8Rvr3lvtHcG6jMnD2Jb41sv0FZZ2NusdXKd
DabAkXlR/ZaGsRwKOdFmRLLQRBdbQT2sZVYme3Nm3GWLSjdwOKhQlUrw0x8uauVN
DnucD61jd5qMPglVFV30aWuR42N39LNZ8w29VbTDXJIxxUCItBupj3IarRuvvrkd
sPhp0ur2GgPawkmeYoFAko4ZLpBtybBisTQwh3odoeRYGbZmIPF4lEsS4wk364c=
=Fq7Y
-----END PGP SIGNATURE-----
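The class of bug described in the message above is an access check evaluated against the wrong project: the download threshold is compared using the project the user has currently selected rather than the project that owns the attachment, so a user who selects a permissive project and guesses a file id in a private one passes the check. The following is an added model of that check and its corrected form; it is not MantisBT's own code (the real file_download.php logic, function names and the fix in the linked commit are not reproduced here), and the data, user names and helper functions are constructed for illustration. Only the access-level constants (10 viewer, 25 reporter, 40 updater, 55 developer, 70 manager) are MantisBT's real values.

```python
# Added example: an attachment access check that consults the user's
# currently selected project (wrong) versus one that resolves the
# attachment's own project (right). Model code, not MantisBT's source;
# project/bug/attachment tables and user names below are constructed.

# MantisBT access levels (real constants; $g_download_attachments_threshold
# is compared against these).
VIEWER, REPORTER, UPDATER, DEVELOPER, MANAGER = 10, 25, 40, 55, 70

# Constructed sample data: a public project that allows any viewer to
# download, and a private one restricted to developers and above.
PROJECTS = {
    1: {"name": "public-project", "download_attachments_threshold": VIEWER},
    2: {"name": "private-project", "download_attachments_threshold": DEVELOPER},
}
BUGS = {100: {"project_id": 1}, 200: {"project_id": 2}}
ATTACHMENTS = {7: {"bug_id": 100}, 8: {"bug_id": 200}}

# Per-user, per-project access level; a missing entry means no access at all.
# "alice" is a reporter on the public project and has nothing on the private one.
USER_ACCESS = {"alice": {1: REPORTER}}


def user_level(user, project_id):
    """Effective access level of `user` in `project_id` (0 = no access)."""
    return USER_ACCESS.get(user, {}).get(project_id, 0)


def attachment_project(file_id):
    """Resolve file -> bug -> owning project. The file id is the guessable
    value in the download URL, so everything must be derived from it."""
    bug_id = ATTACHMENTS[file_id]["bug_id"]
    return BUGS[bug_id]["project_id"]


def can_download_vulnerable(user, file_id, current_project_id):
    """Incorrect check: threshold and level are both taken from the project
    the user currently has selected, which the user controls, so the
    attachment's own project is never consulted."""
    threshold = PROJECTS[current_project_id]["download_attachments_threshold"]
    return user_level(user, current_project_id) >= threshold


def can_download_fixed(user, file_id, current_project_id=None):
    """Corrected check: evaluate the threshold in the project that owns the
    attachment; the selected project is irrelevant and ignored."""
    project_id = attachment_project(file_id)
    threshold = PROJECTS[project_id]["download_attachments_threshold"]
    return user_level(user, project_id) >= threshold


def leaked_file_ids(user, current_project_id, id_range=range(1, 20)):
    """Simulate URL guessing: file ids the broken check would hand out
    that the corrected check denies. Unknown ids are skipped, as a real
    server would answer them with an error rather than a file."""
    leaked = []
    for file_id in id_range:
        if file_id not in ATTACHMENTS:
            continue
        if (can_download_vulnerable(user, file_id, current_project_id)
                and not can_download_fixed(user, file_id)):
            leaked.append(file_id)
    return leaked


if __name__ == "__main__":
    # alice selects the public project, then guesses file id 8 (private).
    print("vulnerable:", can_download_vulnerable("alice", 8, 1))
    print("fixed:     ", can_download_fixed("alice", 8, 1))
    print("leaked ids:", leaked_file_ids("alice", 1))
```

The difference is which project id feeds the threshold lookup. In the broken version the only attacker-controlled input that matters is the selected project; in the corrected version the only input is the file id, and the project is derived from it server-side, which is the property to verify when reviewing any "download by id" endpoint that has per-project or per-tenant thresholds.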
Current thread:
- CVE Request: information disclosure in MantisBT attachments Damien Regad (Nov 15)
- Re: CVE Request: information disclosure in MantisBT attachments Damien Regad (Nov 19)
- Re: CVE Request: information disclosure in MantisBT attachments cve-assign (Nov 19)