Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2005-3347
HistoryNov 18, 2005 - 2:02 a.m.

CVE-2005-3347

2005-11-1802:02:00
Debian Security Bug Tracker
security-tracker.debian.org
9

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.7%

JSON

Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via … (dot dot) sequences in the (1) sensor_program parameter or the (2) _SERVER[HTTP_ACCEPT_LANGUAGE] parameter, which overwrites an internal variable, a variant of CVE-2003-0536. NOTE: due to a typo in an advisory, an issue in osh was inadvertently linked to this identifier; the proper identifier for the osh issue is CVE-2005-3346.

Related

cve 3
ubuntucve 2
securityvulns 2
nessus 7
packetstorm 1
debian 9
openvas 16
debiancve 1
osv 5
gentoo 2
cve
cve
CVE-2005-3347
2005-11-18 02:02:00
CVE-2005-3346
2005-11-20 21:03:00
CVE-2003-0536
2003-08-18 04:00:00
ubuntucve
ubuntucve
CVE-2005-3347
2005-11-18 00:00:00
CVE-2005-3346
2005-11-20 00:00:00
securityvulns
securityvulns
[Full-disclosure] Advisory 22/2005: Multiple vulnerabilities in phpSysInfo
2005-11-14 00:00:00
[SECURITY] [DSA-346-1] New phpsysinfo packages fix directory traversal
2003-07-10 00:00:00
nessus
nessus
phpSysInfo < 2.4.1 Multiple Vulnerabilities
2005-11-16 00:00:00
Debian DSA-346-1 : phpsysinfo - directory traversal
2004-09-29 00:00:00
Debian DSA-918-1 : osh - programming error
2006-10-14 00:00:00
packetstorm
packetstorm
Hardened-PHP Project Security Advisory 2005-21.81
2005-11-15 00:00:00
debian
debian
[SECURITY] [DSA-346-1] New phpsysinfo packages fix directory traversal
2003-07-09 02:27:27
[SECURITY] [DSA 918-1] New osh packages fix privilege escalation
2005-12-09 05:55:46
[SECURITY] [DSA 918-1] New osh packages fix privilege escalation
2005-12-09 05:55:46
openvas
openvas
Gentoo Security Advisory GLSA 200311-07 (phpSysInfo)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-346)
2008-01-17 00:00:00
Debian Security Advisory DSA 346-1 (phpsysinfo)
2008-01-17 00:00:00
debiancve
debiancve
CVE-2003-0536
2003-08-18 04:00:00
osv
osv
phpsysinfo - directory traversal
2003-07-08 00:00:00
osh - programming error
2005-12-09 00:00:00
phpsysinfo - programming errors
2005-11-15 00:00:00
gentoo
gentoo
phpSysInfo: arbitrary code execution and directory traversal
2003-11-22 00:00:00
phpSysInfo: Multiple vulnerabilities
2005-11-22 00:00:00

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.7%

JSON
Related for DEBIANCVE:CVE-2005-3347
cve3ubuntucve2securityvulns2nessus7packetstorm1debian9openvas16debiancve1osv5gentoo2