Test ID:	1.3.6.1.4.1.25623.1.0.56266
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Ports: mantis
Summary:	FreeBSD Ports: mantis
Description:	Description: The remote host is missing an update to the system as announced in the referenced advisory. The following package is affected: mantis CVE-2005-4238 Cross-site scripting (XSS) vulnerability in view_filters_page.php in Mantis 1.0.0rc3 and earlier allows remote attackers to inject arbitrary web script or HTML via the target_field parameter. Solution: Update your system with the appropriate patches or software upgrades. http://pridels.blogspot.com/2005/12/mantis-bugtracking-system-xss-vuln.html http://www.vuxml.org/freebsd/592815da-9eed-11da-b410-000e0c2e438a.html CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	BugTraq ID: 15842 Common Vulnerability Exposure (CVE) ID: CVE-2005-4238 http://pridels0.blogspot.com/2005/12/mantis-bugtracking-system-xss-vuln.html Debian Security Information: DSA-944 (Google Search) http://www.debian.org/security/2005/dsa-944 http://www.securityfocus.com/bid/15842 http://www.vupen.com/english/advisories/2005/2874 http://secunia.com/advisories/18018 http://secunia.com/advisories/18481
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 58962 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: