Short Name |
HTTP:PHP:MANTIS-ARB-EXEC2 |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Keywords |
Mangin_ptis "loage.php" Arbitrary Code Execution |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in Mantis, an open source Web-based bug tracking system. Mantis 0.17.3 and earlier versions are vulnerable. Attackers can send a maliciously crafted URL to cause the Web server to download PHP code from a remote server, allowing the attacker to execute arbitrary code with the permissions of the user that is running the Web server daemon.
An attacker could execute arbitrary code on the Mantis server.