On Monday 2017-04-17 20:19:17 Kern Sibbald wrote:
> Hello,
> 
> All the tables are good.  However someone emptied it.
> 
> I think this is the command that did it.
> 
> 37.123.133.148 - - [16/Apr/2017:09:19:39 +0100] "POST 
> /manage_proj_delete.php HTTP/1.1" 200 504
> 
> Any comments?

I have just checked Mantis's manage_proj_delete.php and core.php
files.

It seems that they are trying to ensure that the user is logged in
and that the user has the privileges to run manage_proj_delete.php
so it's either a bug in the Mantis code or the password of a privileged
user has been stolen.

In either case I am sorry for the lost data and the time that will
be spent because of this.

I have failed to google-out any recent security issues in Mantis code
that would result in data loss.

I would suggest to check this Mantis page related to security issues:
https://www.mantisbt.org/wiki/doku.php/mantisbt:handling_security_problems


-- 
Josip Deanovic

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users