Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-897-1
HistoryNov 15, 2005 - 12:00 a.m.

phpsysinfo - programming errors

2005-11-1500:00:00
Google
osv.dev
9

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

JSON

Several vulnerabilities have been discovered in phpsysinfo, a PHP
based host information application. The Common Vulnerabilities and
Exposures project identifies the following problems:

  • CVE-2005-0870
    Maksymilian Arciemowicz discovered several cross site scripting
    problems, of which not all were fixed in DSA 724.
  • CVE-2005-3347
    Christopher Kunz discovered that local variables get overwritten
    unconditionally and are trusted later, which could lead to the
    inclusion of arbitrary files.
  • CVE-2005-3348
    Christopher Kunz discovered that user-supplied input is used
    unsanitised, causing a HTTP Response splitting problem.

For the old stable distribution (woody) these problems have been fixed in
version 2.0-3woody3.

For the stable distribution (sarge) these problems have been fixed in
version 2.3-4sarge1.

For the unstable distribution (sid) these problems will be fixed soon.

We recommend that you upgrade your phpsysinfo package.

CPENameOperatorVersion
phpsysinfoeq2.3-4

Related

openvas 15
debian 10
nessus 8
osv 3
securityvulns 1
packetstorm 1
gentoo 1
cve 3
ubuntucve 3
debiancve 3
freebsd 1
openvas
openvas
Debian Security Advisory DSA 898-1 (phpgroupware)
2008-01-17 00:00:00
Debian Security Advisory DSA 897-1 (phpsysinfo)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-898-1)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 898-1] New phpgroupware packages fix several vulnerabilities
2005-11-17 10:31:32
[SECURITY] [DSA 897-1] New phpsysinfo packages fix several vulnerabilities
2005-11-15 10:47:28
[SECURITY] [DSA 898-1] New phpgroupware packages fix several vulnerabilities
2005-11-17 10:31:32
nessus
nessus
Debian DSA-897-1 : phpsysinfo - programming errors
2006-10-14 00:00:00
Debian DSA-898-1 : phpgroupware - programming errors
2006-10-14 00:00:00
Debian DSA-899-1 : egroupware - programming errors
2006-10-14 00:00:00
osv
osv
phpgroupware - programming errors
2005-11-17 00:00:00
egroupware - programming errors
2005-11-17 00:00:00
phpsysinfo - design flaw
2005-05-18 00:00:00
securityvulns
securityvulns
[Full-disclosure] Advisory 22/2005: Multiple vulnerabilities in phpSysInfo
2005-11-14 00:00:00
packetstorm
packetstorm
Hardened-PHP Project Security Advisory 2005-21.81
2005-11-15 00:00:00
gentoo
gentoo
phpSysInfo: Multiple vulnerabilities
2005-11-22 00:00:00
cve
cve
CVE-2005-3348
2005-11-18 02:02:00
CVE-2005-0870
2005-05-02 04:00:00
CVE-2005-3347
2005-11-18 02:02:00
ubuntucve
ubuntucve
CVE-2005-3348
2005-11-18 00:00:00
CVE-2005-0870
2005-05-02 00:00:00
CVE-2005-3347
2005-11-18 00:00:00
debiancve
debiancve
CVE-2005-3348
2005-11-18 02:02:00
CVE-2005-0870
2005-05-02 04:00:00
CVE-2005-3347
2005-11-18 02:02:00
freebsd
freebsd
phpSysInfo -- cross site scripting vulnerability
2005-03-22 00:00:00

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

JSON
Related for OSV:DSA-897-1
openvas15debian10nessus8osv3securityvulns1packetstorm1gentoo1cve3ubuntucve3debiancve3freebsd1