Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3622

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-3622
Last Modified 05 Sep 2008 04:54:49
Published 16 Nov 2005 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3622

Summary

phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory.

Vulnerable Systems

Application

  • Phpmyadmin 2.2.0

  • Phpmyadmin 2.2.7 Pl1

  • Phpmyadmin 2.5.2 Pl1

  • Phpmyadmin 2.5.3

  • Phpmyadmin 2.5.4

  • Phpmyadmin 2.5.5 Pl1

  • Phpmyadmin 2.5.6 Rc2

  • Phpmyadmin 2.5.7 Pl1

  • Phpmyadmin 2.6.0 Pl3

  • Phpmyadmin 2.6.1 Pl3

  • Phpmyadmin 2.6.2 Pl1

  • Phpmyadmin 2.6.3 Pl1

  • Phpmyadmin 2.6.4 Pl3

  • Phpmyadmin 2.6.4 Pl4

  • Phpmyadmin 2.7.0 Beta1


References

MISC - http://www.fitsec.com/advisories/FS-05-02.txt

OSVDB - 20914

OSVDB - 20913

OSVDB - 20912

OSVDB - 20911

SECTRACK - 1015213

SREASON - 185

BUGTRAQ - 20051115 [FS-05-02] Multiple vulnerabilities in phpMyAdmin


Last Updated: 27 May 2016 10:40:59