what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2005-3347

Status Candidate

Overview

Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) sensor_program parameter or the (2) _SERVER[HTTP_ACCEPT_LANGUAGE] parameter, which overwrites an internal variable, a variant of CVE-2003-0536. NOTE: due to a typo in an advisory, an issue in osh was inadvertently linked to this identifier; the proper identifier for the osh issue is CVE-2005-3346.

Related Files

Debian Linux Security Advisory 918-1
Posted Dec 14, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 918-1 - Several security related problems have been discovered in osh, the operator's shell for executing defined programs in a privileged environment.

tags | advisory, shell
systems | linux, debian
advisories | CVE-2005-3347, CVE-2005-3533
SHA-256 | 4df3040ef4ed4fb43f26936c5ccf120ece9b4c09a76c45b5cc7fb058076958ae
Download | Favorite | View
Debian Linux Security Advisory 899-1
Posted Nov 20, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 899-1 - Several vulnerabilities have been discovered in egroupware, a web-based groupware suite.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2005-0870, CVE-2005-2600, CVE-2005-3347, CVE-2005-3348
SHA-256 | ce5dc61b6ab7f174ffd0578f4d7b299207ee622bfdae9b8fd35c151559cf6fca
Download | Favorite | View
Debian Linux Security Advisory 898-1
Posted Nov 20, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 898-1 - Several vulnerabilities have been discovered in phpsysinfo, a PHP based host information application.

tags | advisory, php, vulnerability
systems | linux, debian
advisories | CVE-2005-0870, CVE-2005-3347, CVE-2005-3348
SHA-256 | c7619e34f0202f1767d8efde397aed15459fad6c27137844169689edb036be56
Download | Favorite | View
Mandriva Linux Security Advisory 2005.212
Posted Nov 20, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Updated egroupware packages to address phpldapadmin, phpsysinfo vulnerabilities.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2005-2654, CVE-2005-2792, CVE-2005-2793, CVE-2005-0869, CVE-2005-0870, CVE-2005-3347, CVE-2005-3348
SHA-256 | 4c7153c16054a380d5a7b9f4b9ed2f8422a15efd41e1749ec592bb4a858174fc
Download | Favorite | View
Debian Linux Security Advisory 897-1
Posted Nov 20, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 897-1 - Several vulnerabilities have been discovered in phpsysinfo, a PHP based host information application.

tags | advisory, php, vulnerability
systems | linux, debian
advisories | CVE-2005-0870, CVE-2005-3347, CVE-2005-3348
SHA-256 | e45a4727d0dbabf891df3473359c64c7b6c1e5efeff94f588a45e498240caa09
Download | Favorite | View
Hardened-PHP Project Security Advisory 2005-21.81
Posted Nov 15, 2005
Authored by Christopher Kunz, Hardened-PHP Project | Site hardened-php.net

phpSysInfo versions 2.4 and below suffer from cross site scripting, HTTP response splitting, and arbitrary file inclusion flaws.

tags | exploit, web, arbitrary, xss, file inclusion
advisories | CVE-2005-3347, CVE-2005-3348
SHA-256 | 0e06964507a7ccca53a11efcf06c1e94edfb9afdc2311b04881c95bf3b588fcd
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    23 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close