Test ID:	1.3.6.1.4.1.25623.1.0.68758
Category:	Fedora Local Security Checks
Title:	Fedora Core 14 FEDORA-2010-19078 (mantis)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to mantis announced via advisory FEDORA-2010-19078. Update Information: This update fixes multiple security issues recently found in Mantis. For more details about the issues in upstream bugs: http://www.mantisbt.org/bugs/view.php?id=12607 http://www.mantisbt.org/bugs/view.php?id=12309 References: [ 1 ] Bug #640746 - CVE-2010-3763 MantisBT: XSS in Summary page https://bugzilla.redhat.com/show_bug.cgi?id=640746 [ 2 ] Bug #663230 - CVE-2010-4348 CVE-2010-4349 CVE-2010-4350 MantisBT Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update mantis' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2010-19078 Risk factor : High CVSS Score: 5.1
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3763 BugTraq ID: 43837 http://www.securityfocus.com/bid/43837 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052721.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052730.html http://security.gentoo.org/glsa/glsa-201211-01.xml http://www.openwall.com/lists/oss-security/2010/09/14/12 http://www.openwall.com/lists/oss-security/2010/09/14/13 http://secunia.com/advisories/42772 http://secunia.com/advisories/51199 http://www.vupen.com/english/advisories/2011/0002 Common Vulnerability Exposure (CVE) ID: CVE-2010-4348 42772 51199 ADV-2011-0002 FEDORA-2010-19070 FEDORA-2010-19078 GLSA-201211-01 [oss-security] 20101215 CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability http://openwall.com/lists/oss-security/2010/12/15/4 [oss-security] 20101216 Re: CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability http://openwall.com/lists/oss-security/2010/12/16/1 http://www.mantisbt.org/blog/?p=123 http://www.mantisbt.org/bugs/changelog_page.php?version_id=112 http://www.mantisbt.org/bugs/view.php?id=12607 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4983.php https://bugzilla.redhat.com/show_bug.cgi?id=663230 Common Vulnerability Exposure (CVE) ID: CVE-2010-4349 mantisbt-dbtype-path-disclosure(64463) https://exchange.xforce.ibmcloud.com/vulnerabilities/64463 Common Vulnerability Exposure (CVE) ID: CVE-2010-4350 [oss-security] 20101215 CVE request: MantisBT <=1.2.3 (db_type) Local File Inclusion Vulnerability http://openwall.com/lists/oss-security/2010/12/15/5 [oss-security] 20101216 Re: CVE request: MantisBT <=1.2.3 (db_type) Local File Inclusion Vulnerability http://openwall.com/lists/oss-security/2010/12/16/2 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4984.php
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.