Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-6387

Опубликовано: 22 окт. 2014
Источник: debian

Описание

gpc_api.php in MantisBT 1.2.17 and earlier allows remote attackers to bypass authenticated via a password starting will a null byte, which triggers an unauthenticated bind.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mantisremovedpackage
mantisend-of-lifesqueezepackage

Примечания

  • http://www.mantisbt.org/bugs/view.php?id=17640

  • http://github.com/mantisbt/mantisbt/commit/215968fa8 (1.2.x branch)

  • http://github.com/mantisbt/mantisbt/commit/fc02c46ee (master branch)

Связанные уязвимости

ubuntu логотип

CVE-2014-6387

ubuntu
больше 11 лет назад

gpc_api.php in MantisBT 1.2.17 and earlier allows remote attackers to bypass authenticated via a password starting will a null byte, which triggers an unauthenticated bind.

nvd логотип

CVE-2014-6387

nvd
больше 11 лет назад

gpc_api.php in MantisBT 1.2.17 and earlier allows remote attackers to bypass authenticated via a password starting will a null byte, which triggers an unauthenticated bind.

github логотип

GHSA-2vwf-xc9m-9w4j

github
больше 3 лет назад

gpc_api.php in MantisBT 1.2.17 and earlier allows remote attackers to bypass authenticated via a password starting will a null byte, which triggers an unauthenticated bind.