Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0459

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-0459
Last Modified 05 Sep 2008 04:46:21
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0459

Summary

phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message.

Vulnerable Systems

Application

  • Phpmyadmin 2.0

  • Phpmyadmin 2.0.1

  • Phpmyadmin 2.0.2

  • Phpmyadmin 2.0.3

  • Phpmyadmin 2.0.4

  • Phpmyadmin 2.0.5

  • Phpmyadmin 2.1

  • Phpmyadmin 2.1.1

  • Phpmyadmin 2.1.2

  • Phpmyadmin 2.2 Pre1

  • Phpmyadmin 2.2 Rc1

  • Phpmyadmin 2.2 Rc2

  • Phpmyadmin 2.2 Rc3

  • Phpmyadmin 2.2.2

  • Phpmyadmin 2.2.3

  • Phpmyadmin 2.2.4

  • Phpmyadmin 2.2.5

  • Phpmyadmin 2.2.6

  • Phpmyadmin 2.3.1

  • Phpmyadmin 2.3.2

  • Phpmyadmin 2.4.0

  • Phpmyadmin 2.5.0

  • Phpmyadmin 2.5.1

  • Phpmyadmin 2.5.2

  • Phpmyadmin 2.5.4

  • Phpmyadmin 2.5.5

  • Phpmyadmin 2.5.5 Pl1

  • Phpmyadmin 2.5.5 Rc1

  • Phpmyadmin 2.5.5 Rc2

  • Phpmyadmin 2.5.6 Rc1

  • Phpmyadmin 2.5.7

  • Phpmyadmin 2.5.7 Pl1

  • Phpmyadmin 2.6.0 Pl1

  • Phpmyadmin 2.6.0 Pl2

  • Phpmyadmin 2.6.0 Pl3

  • Phpmyadmin 2.6.2 Dev


References

SECTRACK - 1013210


Last Updated: 27 May 2016 10:39:48