Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-0986

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-0986
Last Modified 10 Mar 2011 10:51:10
Published 14 Feb 2011 05:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-0986

Summary

phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the (1) README, (2) ChangeLog, and (3) LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file.

Vulnerable Systems

Application

  • Phpmyadmin 2.11.0

  • Phpmyadmin 2.11.1.0

  • Phpmyadmin 2.11.1.1

  • Phpmyadmin 2.11.1.2

  • Phpmyadmin 2.11.10.0

  • Phpmyadmin 2.11.10.1

  • Phpmyadmin 2.11.11

  • Phpmyadmin 2.11.11.1

  • Phpmyadmin 2.11.2.0

  • Phpmyadmin 2.11.2.1

  • Phpmyadmin 2.11.2.2

  • Phpmyadmin 2.11.3.0

  • Phpmyadmin 2.11.4.0

  • Phpmyadmin 2.11.5.0

  • Phpmyadmin 2.11.5.1

  • Phpmyadmin 2.11.5.2

  • Phpmyadmin 2.11.6.0

  • Phpmyadmin 2.11.7.0

  • Phpmyadmin 2.11.7.1

  • Phpmyadmin 2.11.8.0

  • Phpmyadmin 2.11.9.0

  • Phpmyadmin 2.11.9.1

  • Phpmyadmin 2.11.9.2

  • Phpmyadmin 2.11.9.3

  • Phpmyadmin 2.11.9.4

  • Phpmyadmin 2.11.9.5

  • Phpmyadmin 2.11.9.6

  • Phpmyadmin 3.0.0

  • Phpmyadmin 3.0.1

  • Phpmyadmin 3.0.1.1

  • Phpmyadmin 3.1.0

  • Phpmyadmin 3.1.1

  • Phpmyadmin 3.1.2

  • Phpmyadmin 3.1.3

  • Phpmyadmin 3.1.3.1

  • Phpmyadmin 3.1.3.2

  • Phpmyadmin 3.1.4

  • Phpmyadmin 3.1.5

  • Phpmyadmin 3.2.0

  • Phpmyadmin 3.2.1

  • Phpmyadmin 3.2.2

  • Phpmyadmin 3.3.0.0

  • Phpmyadmin 3.3.1.0

  • Phpmyadmin 3.3.2.0

  • Phpmyadmin 3.3.3.0

  • Phpmyadmin 3.3.4.0

  • Phpmyadmin 3.3.5.0

  • Phpmyadmin 3.3.5.1

  • Phpmyadmin 3.3.6

  • Phpmyadmin 3.3.7

  • Phpmyadmin 3.3.8

  • Phpmyadmin 3.3.8.1

  • Phpmyadmin 3.3.9.0


References

CONFIRM - http://www.phpmyadmin.net/home_page/security/PMASA-2011-1.php

CONFIRM - http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=035d002db1e1201e73e560d7d98591563b506a83

XF - phpmyadmin-readme-path-disclosure(65424)

VUPEN - ADV-2011-0385

MANDRIVA - MDVSA-2011:026

SECUNIA - 43478

FEDORA - FEDORA-2011-1408

FEDORA - FEDORA-2011-1373


Last Updated: 27 May 2016 10:56:07