DEBIAN-CVE-2005-3347

Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. dot dot sequences in the 1 sensorprogram parameter or the 2...

CVE-2005-3348

HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via CRLF sequences in the charset parameter...

CVE-2005-3348

CVE-2005-3348 is a HTTP Response Splitting vulnerability in phpSysInfo (2.4 and earlier) used by phpGroupWare (0.9.16 and earlier) and eGroupWare (before 1.0.0.009). Exploitation via CRLF sequences in the charset parameter can cause web content spoofing and cache poisoning. OpenVAS entries (and D...

CVE-2005-3347

CVE-2005-3347 describes multiple directory traversal flaws in phpSysInfo 2.4 and earlier, impacting phpSysInfo itself and also affecting phpgroupware 0.9.16 and earlier, and egrouwpware prior to 1.0.0.009. The vulnerabilities allow remote attackers to include arbitrary files by supplying dot-dot ...

CVE-2005-3347

Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. dot dot sequences in the 1 sensorprogram parameter or the 2...

CVE-2005-3348

HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via CRLF sequences in the charset parameter...

CVE-2005-3347

Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. dot dot sequences in the 1 sensorprogram parameter or the 2...

CVE-2005-3348

HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via CRLF sequences in the charset parameter...

DSA-899-1 egroupware - programming errors

Bulletin has no description...

DSA-898-1 phpgroupware - programming errors

Bulletin has no description...

phpSysInfo < 2.4.1 Multiple Vulnerabilities

The remote host is running phpSysInfo, a PHP application that parses the /proc entries on Linux/Unix systems and displays them in HTML. The installed version of phpSysInfo on the remote host has a design flaw in its globalization layer such that the script's variables can be overwritten independe...

[SECURITY] [DSA 897-1] New phpsysinfo packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 897-1 [email protected] http://www.debian.org/security/ Martin Schulze November 15th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 897-1] New phpsysinfo packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 897-1 [email protected] http://www.debian.org/security/ Martin Schulze November 15th, 2005 http://www.debian.org/security/faq -...

DSA-897-1 phpsysinfo - programming errors

Bulletin has no description...

Hardened-PHP Project Security Advisory 2005-21.81

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Multiple vulnerabilities in phpSysInfo Release Date: 2005/11/13 Last Modified: 2005/11/12 Author: Christopher Kunz Application: phpSysInfo 2.4 and prior Severity: Cross-Site...

[Full-disclosure] Advisory 22/2005: Multiple vulnerabilities in phpSysInfo

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Multiple vulnerabilities in phpSysInfo Release Date: 2005/11/13 Last Modified: 2005/11/12 Author: Christopher Kunz [email protected] Application: phpSysInfo 2....

PHPSysInfo < 2.4.0 Multiple Vulnerabilities

Binary data 3289.prm...

[SA17441] phpSysInfo &quot;register_globals&quot; Emulation Layer Overwrite Vulnerability

TITLE: phpSysInfo "registerglobals" Emulation Layer Overwrite Vulnerability SECUNIA ADVISORY ID: SA17441 VERIFY ADVISORY: http://secunia.com/advisories/17441/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data, Exposure of sensitive information WHERE: From remote...

PHPSysInfo 2.x - Multiple Input Validation Vulnerabilities

PHPSysInfo 2.x - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/15396/info phpSysInfo is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. phpSysInfo is prone to...

phpSysInfo -- "register_globals" emulation layer overwrite vulnerability

A Secunia Advisory reports: Christopher Kunz has reported a vulnerability in phpSysInfo, which can be exploited by malicious people to manipulate certain information. The vulnerability is caused due to an error in the "registerglobals" emulation layer where certain arrays used by the system can b...