var-200511-0093
Vulnerability from variot
CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts. phpMyAdmin is prone to an HTTP-response-splitting vulnerability because the application fails to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent web content is served, cached, or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust. This issue is reported to affect phpMyAdmin version 2.7.0-beta1; other versions may also be vulnerable.
The vulnerability is caused due to an error in the register_globals emulation layer in "grab_globals.php" where the "import_blacklist" variable is not properly protected from being overwritten. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. http://www.phpmyadmin.net/home_page/downloads.php
PROVIDED AND/OR DISCOVERED BY: Reported by vendor. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 1207-2 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff November 19th, 2006 http://www.debian.org/security/faq
Package : phpmyadmin Vulnerability : several Problem-Type : remote Debian-specific: no CVE ID : CVE-2006-1678 CVE-2006-2418 CVE-2005-3621 CVE-2005-3665 CVE-2006-5116 Debian Bug : 339437 340438 362567 368082 391090
The phpmyadmin update in DSA 1207 introduced a regression. This update corrects this flaw. For completeness, the original advisory text below:
Several remote vulnerabilities have been discovered in phpMyAdmin, a program to administrate MySQL over the web.
CVE-2005-3665
Multiple cross-site scripting (XSS) vulnerabilities allow remote
attackers to inject arbitrary web script or HTML via the (1) HTTP_HOST
variable and (2) various scripts in the libraries directory that
handle header generation.
CVE-2006-1678
Multiple cross-site scripting (XSS) vulnerabilities allow remote
attackers to inject arbitrary web script or HTML via scripts in the
themes directory.
CVE-2006-5116
A remote attacker could overwrite internal variables through the
_FILES global variable.
For the stable distribution (sarge) these problems have been fixed in version 2.6.2-3sarge3.
For the upcoming stable release (etch) and unstable distribution (sid) these problems have been fixed in version 2.9.0.3-1.
We recommend that you upgrade your phpmyadmin package.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge3.dsc
Size/MD5 checksum: 604 32ee16f4370604bc150d93c5676fface
http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge3.diff.gz
Size/MD5 checksum: 38520 f27c4b99bbdb3dc13fb71aef99749247
http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2.orig.tar.gz
Size/MD5 checksum: 2654418 05e33121984824c43d94450af3edf267
Architecture independent components:
http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge3_all.deb
Size/MD5 checksum: 2769182 00f14fb52a14546e92ece84c16cd249f
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show
iD8DBQFFYFPdXm3vHE4uyloRAgj5AJ4k0NXBlTZgTK+vJTlgPNTEBfeBGgCg61oX s2aDzIfiBIc0hbLjIGOwEcQ= =EQpq -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.
The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.
For more information: SA17578 SA17895 SA19556 SA20113 SA22126
SOLUTION: Apply updated packages.
Some input passed to "libraries/header_http.inc.php" isn't properly sanitised before being returned to the user. This can be exploited to include arbitrary HTTP headers in a response sent to the user.
Successful exploitation requires that "register_globals" is enabled.
It is also possible to disclose the full path to certain scripts by accessing them directly. http://www.phpmyadmin.net/home_page/downloads.php
PROVIDED AND/OR DISCOVERED BY: Toni Koivunen
ORIGINAL ADVISORY: Toni Koivunen: http://www.fitsec.com/advisories/FS-05-02.txt
phpMyAdmin: http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200511-0093",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "phpmyadmin",
"scope": "eq",
"trust": 1.6,
"vendor": "phpmyadmin",
"version": "2.6.1_pl3"
},
{
"model": "phpmyadmin",
"scope": "eq",
"trust": 1.6,
"vendor": "phpmyadmin",
"version": "2.5.3"
},
{
"model": "phpmyadmin",
"scope": "eq",
"trust": 1.6,
"vendor": "phpmyadmin",
"version": "2.5.2_pl1"
},
{
"model": "phpmyadmin",
"scope": "eq",
"trust": 1.6,
"vendor": "phpmyadmin",
"version": "2.5.6_rc2"
},
{
"model": "phpmyadmin",
"scope": "eq",
"trust": 1.6,
"vendor": "phpmyadmin",
"version": "2.5.4"
},
{
"model": "phpmyadmin",
"scope": "eq",
"trust": 1.6,
"vendor": "phpmyadmin",
"version": "2.2.7_pl1"
},
{
"model": "phpmyadmin",
"scope": "eq",
"trust": 1.6,
"vendor": "phpmyadmin",
"version": "2.6.0_pl3"
},
{
"model": "phpmyadmin",
"scope": "eq",
"trust": 1.6,
"vendor": "phpmyadmin",
"version": "2.2.0"
},
{
"model": "phpmyadmin",
"scope": "eq",
"trust": 1.6,
"vendor": "phpmyadmin",
"version": "2.5.5_pl1"
},
{
"model": "phpmyadmin",
"scope": "eq",
"trust": 1.6,
"vendor": "phpmyadmin",
"version": "2.5.7_pl1"
},
{
"model": "phpmyadmin",
"scope": "eq",
"trust": 1.0,
"vendor": "phpmyadmin",
"version": "2.6.2_pl1"
},
{
"model": "phpmyadmin",
"scope": "eq",
"trust": 1.0,
"vendor": "phpmyadmin",
"version": "2.6.3_pl1"
},
{
"model": "phpmyadmin",
"scope": "eq",
"trust": 1.0,
"vendor": "phpmyadmin",
"version": "2.6.4_pl3"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "6.40"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "6.20"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "6.10"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": ".0-beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "phpmyadmin",
"version": "2.7"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
}
],
"sources": [
{
"db": "BID",
"id": "15422"
},
{
"db": "NVD",
"id": "CVE-2005-3621"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-204"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.5_pl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.4_pl3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.7_pl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.2_pl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.7_pl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.0_pl3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.1_pl3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.2_pl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.6_rc2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.3_pl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3621"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Toni Koivunen is credited with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "15422"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-204"
}
],
"trust": 0.9
},
"cve": "CVE-2005-3621",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-3621",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200511-204",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3621"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-204"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts. phpMyAdmin is prone to an HTTP-response-splitting vulnerability because the application fails to properly sanitize user-supplied input. \nA remote attacker may exploit this vulnerability to influence or misrepresent web content is served, cached, or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust. \nThis issue is reported to affect phpMyAdmin version 2.7.0-beta1; other versions may also be vulnerable. \n\nThe vulnerability is caused due to an error in the register_globals\nemulation layer in \"grab_globals.php\" where the \"import_blacklist\"\nvariable is not properly protected from being overwritten. This can be exploited to execute arbitrary HTML\nand script code in a user\u0027s browser session in context of an affected\nsite. \nhttp://www.phpmyadmin.net/home_page/downloads.php\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1207-2 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nNovember 19th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : phpmyadmin\nVulnerability : several\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CVE-2006-1678 CVE-2006-2418 CVE-2005-3621 CVE-2005-3665 CVE-2006-5116\nDebian Bug : 339437 340438 362567 368082 391090\n\nThe phpmyadmin update in DSA 1207 introduced a regression. This update\ncorrects this flaw. For completeness, the original advisory text below:\n \nSeveral remote vulnerabilities have been discovered in phpMyAdmin, a\nprogram to administrate MySQL over the web. \n\nCVE-2005-3665\n\n Multiple cross-site scripting (XSS) vulnerabilities allow remote\n attackers to inject arbitrary web script or HTML via the (1) HTTP_HOST\n variable and (2) various scripts in the libraries directory that\n handle header generation. \n\nCVE-2006-1678\n\n Multiple cross-site scripting (XSS) vulnerabilities allow remote\n attackers to inject arbitrary web script or HTML via scripts in the\n themes directory. \n\nCVE-2006-5116\n\n A remote attacker could overwrite internal variables through the\n _FILES global variable. \n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 2.6.2-3sarge3. \n\nFor the upcoming stable release (etch) and unstable distribution (sid)\nthese problems have been fixed in version 2.9.0.3-1. \n\nWe recommend that you upgrade your phpmyadmin package. \n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge3.dsc\n Size/MD5 checksum: 604 32ee16f4370604bc150d93c5676fface\n http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge3.diff.gz\n Size/MD5 checksum: 38520 f27c4b99bbdb3dc13fb71aef99749247\n http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2.orig.tar.gz\n Size/MD5 checksum: 2654418 05e33121984824c43d94450af3edf267\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge3_all.deb\n Size/MD5 checksum: 2769182 00f14fb52a14546e92ece84c16cd249f\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niD8DBQFFYFPdXm3vHE4uyloRAgj5AJ4k0NXBlTZgTK+vJTlgPNTEBfeBGgCg61oX\ns2aDzIfiBIc0hbLjIGOwEcQ=\n=EQpq\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nFor more information:\nSA17578\nSA17895\nSA19556\nSA20113\nSA22126\n\nSOLUTION:\nApply updated packages. \r\n\r\nSome input passed to \"libraries/header_http.inc.php\" isn\u0027t properly\nsanitised before being returned to the user. This can be exploited to\ninclude arbitrary HTTP headers in a response sent to the user. \r\n\r\nSuccessful exploitation requires that \"register_globals\" is enabled. \r\n\r\nIt is also possible to disclose the full path to certain scripts by\naccessing them directly. \r\nhttp://www.phpmyadmin.net/home_page/downloads.php\n\nPROVIDED AND/OR DISCOVERED BY:\nToni Koivunen\n\nORIGINAL ADVISORY:\nToni Koivunen:\r\nhttp://www.fitsec.com/advisories/FS-05-02.txt\r\n\r\nphpMyAdmin:\r\nhttp://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3621"
},
{
"db": "BID",
"id": "15422"
},
{
"db": "PACKETSTORM",
"id": "43410"
},
{
"db": "PACKETSTORM",
"id": "42148"
},
{
"db": "PACKETSTORM",
"id": "42110"
},
{
"db": "PACKETSTORM",
"id": "52337"
},
{
"db": "PACKETSTORM",
"id": "51974"
},
{
"db": "PACKETSTORM",
"id": "51856"
},
{
"db": "PACKETSTORM",
"id": "41587"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-3621",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "22781",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "17578",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1015213",
"trust": 1.6
},
{
"db": "SUSE",
"id": "SUSE-SR:2005:028",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1207",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200511-204",
"trust": 0.6
},
{
"db": "BID",
"id": "15422",
"trust": 0.3
},
{
"db": "SECUNIA",
"id": "18618",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "43410",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "17925",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "42148",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "17895",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "42110",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52337",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51974",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51856",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "41587",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "15422"
},
{
"db": "PACKETSTORM",
"id": "43410"
},
{
"db": "PACKETSTORM",
"id": "42148"
},
{
"db": "PACKETSTORM",
"id": "42110"
},
{
"db": "PACKETSTORM",
"id": "52337"
},
{
"db": "PACKETSTORM",
"id": "51974"
},
{
"db": "PACKETSTORM",
"id": "51856"
},
{
"db": "PACKETSTORM",
"id": "41587"
},
{
"db": "NVD",
"id": "CVE-2005-3621"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-204"
}
]
},
"id": "VAR-200511-0093",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.50441176
},
"last_update_date": "2023-12-18T11:16:35.467000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3621"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.phpmyadmin.net/home_page/security.php?issue=pmasa-2005-6"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/17578"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22781"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1015213"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2006/dsa-1207"
},
{
"trust": 1.6,
"url": "http://www.novell.com/linux/security/advisories/2005_28_sr.html"
},
{
"trust": 0.5,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.5,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.5,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://www.fitsec.com/advisories/fs-05-02.txt"
},
{
"trust": 0.3,
"url": "http://www.owasp.org/index.php/main_page"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "/archive/1/416696"
},
{
"trust": 0.3,
"url": "/archive/1/416148"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/17578/"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/17895/"
},
{
"trust": 0.3,
"url": "http://secunia.com/product/1720/"
},
{
"trust": 0.3,
"url": "http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2.orig.tar.gz"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/17925/"
},
{
"trust": 0.2,
"url": "http://www.phpmyadmin.net/home_page/downloads.php"
},
{
"trust": 0.2,
"url": "http://secunia.com/product/1719/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-1678"
},
{
"trust": 0.2,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5116"
},
{
"trust": 0.2,
"url": "http://security.debian.org/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2418"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3665"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3621"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge2_all.deb"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge2.diff.gz"
},
{
"trust": 0.2,
"url": "http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge2.dsc"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4258/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4933/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2467/"
},
{
"trust": 0.1,
"url": "http://lists.suse.com/archive/suse-security-announce/2006-jan/0006.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6221/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/18618/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3473/"
},
{
"trust": 0.1,
"url": "http://www.hardened-php.net/advisory_252005.110.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/17289/"
},
{
"trust": 0.1,
"url": "http://sourceforge.net/project/showfiles.php?group_id=23067"
},
{
"trust": 0.1,
"url": "http://www.phpmyadmin.net/home_page/security.php?issue=pmasa-2005-8"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge3.diff.gz"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge3.dsc"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/22781/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/19556/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/products/48/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/530/"
},
{
"trust": 0.1,
"url": "http://www.us.debian.org/security/2006/dsa-1207"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/20113/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5307/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/22126/"
}
],
"sources": [
{
"db": "BID",
"id": "15422"
},
{
"db": "PACKETSTORM",
"id": "43410"
},
{
"db": "PACKETSTORM",
"id": "42148"
},
{
"db": "PACKETSTORM",
"id": "42110"
},
{
"db": "PACKETSTORM",
"id": "52337"
},
{
"db": "PACKETSTORM",
"id": "51974"
},
{
"db": "PACKETSTORM",
"id": "51856"
},
{
"db": "PACKETSTORM",
"id": "41587"
},
{
"db": "NVD",
"id": "CVE-2005-3621"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-204"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "15422"
},
{
"db": "PACKETSTORM",
"id": "43410"
},
{
"db": "PACKETSTORM",
"id": "42148"
},
{
"db": "PACKETSTORM",
"id": "42110"
},
{
"db": "PACKETSTORM",
"id": "52337"
},
{
"db": "PACKETSTORM",
"id": "51974"
},
{
"db": "PACKETSTORM",
"id": "51856"
},
{
"db": "PACKETSTORM",
"id": "41587"
},
{
"db": "NVD",
"id": "CVE-2005-3621"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-204"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-11-09T00:00:00",
"db": "BID",
"id": "15422"
},
{
"date": "2006-01-27T06:43:36",
"db": "PACKETSTORM",
"id": "43410"
},
{
"date": "2005-12-07T17:36:35",
"db": "PACKETSTORM",
"id": "42148"
},
{
"date": "2005-12-07T01:44:11",
"db": "PACKETSTORM",
"id": "42110"
},
{
"date": "2006-11-20T16:15:03",
"db": "PACKETSTORM",
"id": "52337"
},
{
"date": "2006-11-13T15:36:34",
"db": "PACKETSTORM",
"id": "51974"
},
{
"date": "2006-11-10T16:02:24",
"db": "PACKETSTORM",
"id": "51856"
},
{
"date": "2005-11-19T21:56:12",
"db": "PACKETSTORM",
"id": "41587"
},
{
"date": "2005-11-16T11:02:00",
"db": "NVD",
"id": "CVE-2005-3621"
},
{
"date": "2005-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200511-204"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-01-12T22:30:00",
"db": "BID",
"id": "15422"
},
{
"date": "2008-09-05T20:54:49.227000",
"db": "NVD",
"id": "CVE-2005-3621"
},
{
"date": "2005-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200511-204"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "51974"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-204"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "phpMyAdmin CRLF Injection vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200511-204"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200511-204"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.