Lucene search
Ubuntu.comUB:CVE-2004-1385HistoryDec 31, 2004 - 12:00 a.m.
CVE-2004-1385
2004-12-3100:00:00
ubuntu.com
ubuntu.com
6
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.018 Low
EPSS
Percentile
88.1%
phpGroupWare 0.9.16.003 and earlier allows remote attackers to gain
sensitive information via (1) unexpected characters in the session ID such
as shell metacharacters, (2) an invalid appname parameter to
preferences.php or (3) an invalid menuaction parameter to index.php, which
reveals the web server path in an error message.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | phpgroupware | < 0.9.16.010-1 | UNKNOWN |
| ubuntu | 6.10 | noarch | phpgroupware | < 0.9.16.010-1 | UNKNOWN |
| ubuntu | 7.04 | noarch | phpgroupware | < 0.9.16.010-1 | UNKNOWN |
Related
cve
cve
CVE-2004-1385
2004-12-31 05:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200501-08 (phpgroupware)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200501-08 (phpgroupware)
2008-09-24 00:00:00
nessus
nessus
GLSA-200501-08 : phpGroupWare: Various vulnerabilities
2005-02-14 00:00:00
phpGroupWare <= 0.9.16.003 Multiple Vulnerabilities
2004-12-16 00:00:00
gentoo
gentoo
phpGroupWare: Various vulnerabilities
2005-01-06 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.018 Low
EPSS
Percentile
88.1%
Related for UB:CVE-2004-1385