Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2005-3347
HistoryNov 18, 2005 - 2:02 a.m.

CVE-2005-3347

2005-11-1802:02:00
Debian Security Bug Tracker
security-tracker.debian.org
9

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.015 Low

EPSS

Percentile

86.8%

JSON

Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via … (dot dot) sequences in the (1) sensor_program parameter or the (2) _SERVER[HTTP_ACCEPT_LANGUAGE] parameter, which overwrites an internal variable, a variant of CVE-2003-0536. NOTE: due to a typo in an advisory, an issue in osh was inadvertently linked to this identifier; the proper identifier for the osh issue is CVE-2005-3346.

Related

cve 3
cvelist 3
nvd 3
ubuntucve 2
securityvulns 2
packetstorm 1
nessus 7
debian 9
osv 5
openvas 16
gentoo 2
debiancve 1
cve
cve
CVE-2005-3347
2005-11-18 02:02:00
CVE-2005-3346
2005-11-20 21:03:00
CVE-2003-0536
2003-08-18 04:00:00
cvelist
cvelist
CVE-2005-3347
2005-11-18 02:00:00
CVE-2005-3346
2005-11-20 21:00:00
CVE-2003-0536
2003-07-10 04:00:00
nvd
nvd
CVE-2005-3347
2005-11-18 02:02:00
CVE-2003-0536
2003-08-18 04:00:00
CVE-2005-3346
2005-11-20 21:03:00
ubuntucve
ubuntucve
CVE-2005-3347
2005-11-18 00:00:00
CVE-2005-3346
2005-11-20 00:00:00
securityvulns
securityvulns
[Full-disclosure] Advisory 22/2005: Multiple vulnerabilities in phpSysInfo
2005-11-14 00:00:00
[SECURITY] [DSA-346-1] New phpsysinfo packages fix directory traversal
2003-07-10 00:00:00
packetstorm
packetstorm
Hardened-PHP Project Security Advisory 2005-21.81
2005-11-15 00:00:00
nessus
nessus
phpSysInfo < 2.4.1 Multiple Vulnerabilities
2005-11-16 00:00:00
Debian DSA-346-1 : phpsysinfo - directory traversal
2004-09-29 00:00:00
Debian DSA-918-1 : osh - programming error
2006-10-14 00:00:00
debian
debian
[SECURITY] [DSA-346-1] New phpsysinfo packages fix directory traversal
2003-07-09 02:27:27
[SECURITY] [DSA 918-1] New osh packages fix privilege escalation
2005-12-09 05:55:46
[SECURITY] [DSA 918-1] New osh packages fix privilege escalation
2005-12-09 05:55:46
osv
osv
phpsysinfo - directory traversal
2003-07-08 00:00:00
osh - programming error
2005-12-09 00:00:00
phpsysinfo - programming errors
2005-11-15 00:00:00
openvas
openvas
Debian Security Advisory DSA 346-1 (phpsysinfo)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200311-07 (phpSysInfo)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200311-07 (phpSysInfo)
2008-09-24 00:00:00
gentoo
gentoo
phpSysInfo: arbitrary code execution and directory traversal
2003-11-22 00:00:00
phpSysInfo: Multiple vulnerabilities
2005-11-22 00:00:00
debiancve
debiancve
CVE-2003-0536
2003-08-18 04:00:00

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.015 Low

EPSS

Percentile

86.8%

JSON
Related for DEBIANCVE:CVE-2005-3347
cve3cvelist3nvd3ubuntucve2securityvulns2packetstorm1nessus7debian9osv5openvas16gentoo2debiancve1