oss-sec mailing list archives
Re: Re: CVE-2014-6316: URL redirection issue in MantisBT
From: cve-assign () mitre org
Date: Sun, 11 Jan 2015 12:00:55 -0500 (EST)
During follow-up tests he performed on the fix for CVE-2014-6316 (which was released in MantisBT 1.2.18), Alejo Popovici noticed [1] that the earlier fix was only partial.With certain browsers (FF 34, Chrome 39 but not IE11) it is still possible to effect a cross-domain redirection using a redirect address having a single slash, e.g.- http://example.com/mantis/login_page.php?return=https:/google.com or - https://example.com/mantis/login_page.php?return=http:/google.comThis is essentially the same vulnerability that was described in CVE-2014-6316, but due to a different root cause (for which a patch will be issued soon).I would like to know if I should be using the same CVE ID, or if a new one needs to be issued.Thanks in advance. Damien Regad MantisBT Developer [1] https://www.mantisbt.org/bugs/view.php?id=17997
CVE creates separate identifiers if two bugs do not affect the same versions. This can occur with incomplete fixes. Since bug 17997 affects 1.2.18 but CVE-2014-6316 does not, a separate CVE ID is used.
Use CVE-2015-1042. --- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ]
Current thread:
- Re: CVE-2014-6316: URL redirection issue in MantisBT Damien Regad (Jan 10)
- Re: Re: CVE-2014-6316: URL redirection issue in MantisBT cve-assign (Jan 11)
- <Possible follow-ups>
- Re: CVE-2014-6316: URL redirection issue in MantisBT Damien Regad (Mar 14)