mantis: database credentials leak
| Package(s): | mantis | CVE #(s): | |||||
| Created: | August 10, 2009 | Updated: | August 12, 2009 | ||||
| Description: | From the Debian advisory: It was discovered that the Debian Mantis package, a web based bug tracking system, installed the database credentials in a file with world-readable permissions onto the local filesystem. This allows local users to acquire the credentials used to control the Mantis database. | ||||||
| Alerts: |
| ||||||