Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3979

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-3979
Last Modified 07 Mar 2011 09:27:28
Published 03 Dec 2005 02:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3979

Summary

relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta does not remove is not removed after installation and does not use authentication, which allows remote attackers to obtain sensitive information, such as database configuration, via a direct request.

Vulnerable Systems

Application

  • Coppermine Photo Gallery 1.4 Beta

  • Coppermine Photo Gallery 1.4.2


References

VUPEN - ADV-2005-2698

SECUNIA - 17855

CONFIRM - http://coppermine-gallery.net/forum/index.php?topic=24217.0


Last Updated: 27 May 2016 10:41:08