CVE-2005-3347

critical

Description

Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allow remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) sensor_program parameter or the (2) _SERVER[HTTP_ACCEPT_LANGUAGE] parameter, which overwrites an internal variable, a variant of CVE-2003-0536. NOTE: due to a typo in an advisory, an issue in osh was inadvertently linked to this identifier; the proper identifier for the osh issue is CVE-2005-3346.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/23107

http://www.securityfocus.com/bid/15414

http://www.securityfocus.com/bid/15396

http://www.securityfocus.com/archive/1/416543

http://www.mandriva.com/security/advisories?name=MDKSA-2005:212

http://www.hardened-php.net/advisory_212005.81.html

http://www.gentoo.org/security/en/glsa/glsa-200511-18.xml

http://www.debian.org/security/2005/dsa-899

http://www.debian.org/security/2005/dsa-898

http://www.debian.org/security/2005/dsa-897

http://secunia.com/advisories/17698

http://secunia.com/advisories/17643

http://secunia.com/advisories/17620

http://secunia.com/advisories/17616

http://secunia.com/advisories/17584

http://secunia.com/advisories/17570

http://secunia.com/advisories/17441

Details

Source: Mitre, NVD

Published: 2005-11-18

Updated: 2017-07-11

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical