phppgadmin -- missing input sanitising

2005-07-18T00:00:00
ID DSA-759
Type debian
Reporter Debian
Modified 2005-07-18T00:00:00

Description

A vulnerability has been discovered in phppgadmin, a set of PHP scripts to administrate PostgreSQL over the WWW, that can lead to disclose sensitive information. Successful exploitation requires that "magic_quotes_gpc" is disabled.

The old stable distribution (woody) is not affected by this problem.

For the stable distribution (sarge) this problem has been fixed in version 3.5.2-5.

For the unstable distribution (sid) this problem has been fixed in version 3.5.4.

We recommend that you upgrade your phppgadmin package.