exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2005-3347

Status Candidate

Overview

Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) sensor_program parameter or the (2) _SERVER[HTTP_ACCEPT_LANGUAGE] parameter, which overwrites an internal variable, a variant of CVE-2003-0536. NOTE: due to a typo in an advisory, an issue in osh was inadvertently linked to this identifier; the proper identifier for the osh issue is CVE-2005-3346.

Related Files

Debian Linux Security Advisory 918-1
Posted Dec 14, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 918-1 - Several security related problems have been discovered in osh, the operator's shell for executing defined programs in a privileged environment.

tags | advisory, shell
systems | linux, debian
advisories | CVE-2005-3347, CVE-2005-3533
SHA-256 | 4df3040ef4ed4fb43f26936c5ccf120ece9b4c09a76c45b5cc7fb058076958ae
Debian Linux Security Advisory 899-1
Posted Nov 20, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 899-1 - Several vulnerabilities have been discovered in egroupware, a web-based groupware suite.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2005-0870, CVE-2005-2600, CVE-2005-3347, CVE-2005-3348
SHA-256 | ce5dc61b6ab7f174ffd0578f4d7b299207ee622bfdae9b8fd35c151559cf6fca
Debian Linux Security Advisory 898-1
Posted Nov 20, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 898-1 - Several vulnerabilities have been discovered in phpsysinfo, a PHP based host information application.

tags | advisory, php, vulnerability
systems | linux, debian
advisories | CVE-2005-0870, CVE-2005-3347, CVE-2005-3348
SHA-256 | c7619e34f0202f1767d8efde397aed15459fad6c27137844169689edb036be56
Mandriva Linux Security Advisory 2005.212
Posted Nov 20, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Updated egroupware packages to address phpldapadmin, phpsysinfo vulnerabilities.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2005-2654, CVE-2005-2792, CVE-2005-2793, CVE-2005-0869, CVE-2005-0870, CVE-2005-3347, CVE-2005-3348
SHA-256 | 4c7153c16054a380d5a7b9f4b9ed2f8422a15efd41e1749ec592bb4a858174fc
Debian Linux Security Advisory 897-1
Posted Nov 20, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 897-1 - Several vulnerabilities have been discovered in phpsysinfo, a PHP based host information application.

tags | advisory, php, vulnerability
systems | linux, debian
advisories | CVE-2005-0870, CVE-2005-3347, CVE-2005-3348
SHA-256 | e45a4727d0dbabf891df3473359c64c7b6c1e5efeff94f588a45e498240caa09
Hardened-PHP Project Security Advisory 2005-21.81
Posted Nov 15, 2005
Authored by Christopher Kunz, Hardened-PHP Project | Site hardened-php.net

phpSysInfo versions 2.4 and below suffer from cross site scripting, HTTP response splitting, and arbitrary file inclusion flaws.

tags | exploit, web, arbitrary, xss, file inclusion
advisories | CVE-2005-3347, CVE-2005-3348
SHA-256 | 0e06964507a7ccca53a11efcf06c1e94edfb9afdc2311b04881c95bf3b588fcd
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    11 Files
  • 8
    Dec 8th
    36 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close