Candidate: CVE-2012-1123
PublicDate: 2012-06-29 19:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1123
Description:
 The mci_check_login function in api/soap/mc_api.php in the SOAP API in
 MantisBT before 1.2.9 allows remote attackers to bypass authentication via
 a null password.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662858
 http://www.mantisbt.org/bugs/view.php?id=13901
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_mantis:
 vendor: http://www.debian.org/security/2012/dsa-2500
upstream_mantis: released (1.2.9)
hardy_mantis: ignored (reached end-of-life)
lucid_mantis: ignored (reached end-of-life)
maverick_mantis: ignored (reached end-of-life)
natty_mantis: released (1.1.8+dfsg-10squeeze2build0.11.04.1)
oneiric_mantis: ignored (reached end-of-life)
precise_mantis: not-affected (1.2.10-1)
quantal_mantis: not-affected (1.2.10-1)
raring_mantis: not-affected (1.2.10-1)
saucy_mantis: not-affected (1.2.10-1)
devel_mantis: DNE