MantisBT: master-1.2.x 0826cef8

Author: dregad
Committer: dregad
Branch: master-1.2.x
Timestamp: 2014-11-28 06:50
Parent: master-1.2.x 65c13ded
Affected Issues: 0017877: CVE-2014-9279: Db Credentials leak via unattended upgrade script
Changeset

DB Credentials leak in upgrade_unattended.php

Retrieve credentials from Mantis system configuration instead of
accepting them from POST parameters.

This issue was reported by Matthias Karlsson (http://mathiaskarlsson.me)
as part of Offensive Security's bug bounty program [1].

Paul Richards' original patch was modified to align the code with the master
branch (basically replacing DIRECTORY_SEPARATOR by '/') to facilitate
porting.

Fixes 0017877

[1] http://www.offensive-security.com/bug-bounty-program/

Signed-off-by: Damien Regad dregad@mantisbt.org

mod - admin/upgrade_unattended.php
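The pattern behind this fix, shown as an added illustration that is not MantisBT's code and not the commit's diff: an unattended upgrade script that accepts database credentials from POST parameters lets any requester decide which database server the web server connects to and with which credentials, whereas the hardened form reads them only from the server-side system configuration and fails closed when that configuration is absent. The function names, the config keys and the `config_get_global()` accessor are assumptions modelled on the commit message, not verified against the project source.

```php
<?php
// Added example, not MantisBT code. Parameter and config key names are
// hypothetical; config_get_global() is assumed to mirror MantisBT's
// configuration accessor.

/**
 * Vulnerable pattern (the "before" the commit describes): connection
 * parameters are taken straight from the HTTP request, so an unauthenticated
 * caller controls host, user and password for the server's own connection.
 */
function db_params_from_request(array $post): array
{
    return [
        'hostname'      => $post['hostname']      ?? 'localhost',
        'db_username'   => $post['db_username']   ?? '',
        'db_password'   => $post['db_password']   ?? '',
        'database_name' => $post['database_name'] ?? '',
    ];
}

/**
 * Hardened pattern (the "after"): request parameters are ignored entirely;
 * the values come from the administrator's config_inc.php and nothing else.
 * A missing value aborts the upgrade instead of falling back to user input.
 */
function db_params_from_config(callable $config_get_global): array
{
    $params = [];
    foreach (['hostname', 'db_username', 'db_password', 'database_name'] as $key) {
        $value = $config_get_global($key);
        if ($value === null || $value === '') {
            // Fail closed: never let a request supply what the config lacks.
            throw new RuntimeException("Database setting '$key' is not configured.");
        }
        $params[$key] = $value;
    }
    return $params;
}

/**
 * Connect using the chosen parameters. Connection errors are reported without
 * echoing credentials back to the client; the detail goes to the server log.
 */
function db_connect(array $p): mysqli
{
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
    try {
        return new mysqli($p['hostname'], $p['db_username'], $p['db_password'], $p['database_name']);
    } catch (mysqli_sql_exception $e) {
        error_log('upgrade: database connection failed: ' . $e->getMessage());
        throw new RuntimeException('Database connection failed; see server log.');
    }
}

// Constructed stand-in for MantisBT's accessor, backed by a fixed array so the
// example runs without a real installation.
$config = [
    'hostname'      => 'db.internal',
    'db_username'   => 'mantis',
    'db_password'   => 'placeholder-password',
    'database_name' => 'bugtracker',
];
$config_get_global = static fn(string $key) => $config[$key] ?? null;

// A constructed request carrying attacker-chosen credentials. With the
// hardened selector these values never reach the connection at all.
$post = ['hostname' => 'attacker.example', 'db_username' => 'x', 'db_password' => 'y'];

$chosen = db_params_from_config($config_get_global);
assert($chosen['hostname'] === 'db.internal');
assert($chosen['hostname'] !== $post['hostname']);
echo "Upgrade will connect to {$chosen['hostname']} as {$chosen['db_username']}\n";
```

From a defender's side, two controls accompany a change like this: the `admin/` directory should not remain reachable on a production MantisBT instance once installation is complete, and web server logs can be reviewed for POST requests to `admin/upgrade_unattended.php` that carry database parameter names, which a legitimate unattended upgrade no longer needs to send.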