CVE-2014-6387

MantisBT < 1.2.17 - Unauthenticated Authentication Bypass via Null Byte in Password

Title source: llm

Description

gpc_api.php in MantisBT 1.2.17 and earlier allows remote attackers to bypass authenticated via a password starting will a null byte, which triggers an unauthenticated bind.

References (4)

Core 4

Core References

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2014/09/12/14

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2014/09/12/11

Exploit, Vendor Advisory x_refsource_confirm

http://www.mantisbt.org/bugs/view.php?id=17640

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2014/09/13/1

Scores

EPSS 0.0210

EPSS Percentile 79.4%

Details

CWE

CWE-287

Status published

Products (18)

mantisbt/mantisbt 1.2.0 (6 CPE variants)

mantisbt/mantisbt 1.2.1

mantisbt/mantisbt 1.2.2

mantisbt/mantisbt 1.2.3

mantisbt/mantisbt 1.2.4

mantisbt/mantisbt 1.2.5

mantisbt/mantisbt 1.2.6

mantisbt/mantisbt 1.2.7

mantisbt/mantisbt 1.2.8

mantisbt/mantisbt 1.2.9

... and 8 more

Published Oct 22, 2014

Tracked Since Feb 18, 2026