Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0536

Overview

Vulnerability Score 3.6 3.6
CVE Id CVE-2003-0536
Last Modified 10 Sep 2008 03:19:32
Published 18 Aug 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-0536

Summary

Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng parameters.

Vulnerable Systems

Application

  • Phpsysinfo 2.0

  • Phpsysinfo 2.1


References

DEBIAN - DSA-346

BUGTRAQ - 20030425 Unauthorized reading files on phpSysInfo

MISC - http://sourceforge.net/tracker/index.php?func=detail&aid=670222&group_id=15&atid=100015


Last Updated: 27 May 2016 10:37:57