Signature Detail

Short Name	HTTP:PHP:MANTIS-ARB-EXEC2
Severity	Medium
Recommended	No
Category	HTTP
Keywords	mantis http php
Release Date	2003/04/22
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Mangin_ptis "loage.php" Arbitrary Code Execution

This signature detects attempts to exploit a known vulnerability in Mantis, an open source Web-based bug tracking system. Mantis 0.17.3 and earlier versions are vulnerable. Attackers can send a maliciously crafted URL to cause the Web server to download PHP code from a remote server, allowing the attacker to execute arbitrary code with the permissions of the user that is running the Web server daemon.

Extended Description

An attacker could execute arbitrary code on the Mantis server.

References

URL: http://securityvulns.com/docs3386.html

Signature Detail

Short Name

Severity

Recommended

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Mangin_ptis "loage.php" Arbitrary Code Execution

Extended Description

References