Vulnerability Details : CVE-2005-3347
Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier and egroupware before 1.0.0.009, allow remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) sensor_program parameter or the (2) _SERVER[HTTP_ACCEPT_LANGUAGE] parameter, which overwrites an internal variable; this is a variant of CVE-2003-0536. NOTE: due to a typo in an advisory, an issue in osh was inadvertently linked to this identifier; the proper identifier for the osh issue is CVE-2005-3346.
Vulnerability category: Directory traversal
Products affected by CVE-2005-3347
- cpe:2.3:a:phpgroupware:phpgroupware:0.9.16:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-3347
- EPSS score: 1.81% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~88% (the proportion of vulnerabilities scored at or below this score)
CVSS scores for CVE-2005-3347
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P | 8.6 | 6.4 | NIST | |
CWE ids for CVE-2005-3347
- The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. Assigned by: nvd@nist.gov (Primary)
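The description above names two input paths into an include: a request parameter used as a file name, and an internal variable that a request can overwrite (the register_globals behaviour of that era). The following is an added illustration, not code from phpSysInfo, phpgroupware, egroupware or NVD: it puts the vulnerable include pattern beside two hardened forms, an allowlist for a fixed set of sensor backends and a syntax check plus realpath containment test for an open-ended set of language files. The directory names, function names, allowlist contents and the `$sensor_program`/`$lang` parameters are all assumptions chosen for the example.

```php
<?php
// Added example (not the affected project's code). SENSOR_DIR, LANG_DIR,
// ALLOWED_SENSORS and the function names are assumptions for illustration.

define('SENSOR_DIR', __DIR__ . '/includes/sensors');
define('LANG_DIR', __DIR__ . '/includes/lang');

// Vulnerable pattern (illustrative): the request value is spliced straight
// into an include path, so a ".." sequence escapes the intended directory.
// With register_globals enabled the same thing happens to any internal
// variable that a request parameter is allowed to overwrite.
function vulnerable_sensor_include(string $sensor_program): string
{
    return SENSOR_DIR . '/' . $sensor_program . '.php';   // no neutralisation at all
}

// Hardened form 1: an allowlist. The set of valid sensor backends is fixed
// at development time, so the request value is only ever used as a key.
const ALLOWED_SENSORS = ['lmsensors', 'healthd', 'hwsensors'];   // assumed names

function safe_sensor_include(string $sensor_program): ?string
{
    if (!in_array($sensor_program, ALLOWED_SENSORS, true)) {
        return null;                                       // reject; do not "clean"
    }
    return SENSOR_DIR . '/' . $sensor_program . '.php';
}

// Hardened form 2: for an open-ended set (language packs picked from a
// language tag), restrict the token to a strict syntax and then confirm the
// resolved path is still inside the intended directory.
function safe_lang_include(string $lang): ?string
{
    // Two-letter language with an optional region, e.g. "en" or "en-US".
    if (!preg_match('/^[a-z]{2}(?:[-_][A-Z]{2})?$/', $lang)) {
        return null;
    }
    $base = realpath(LANG_DIR);
    $file = realpath(LANG_DIR . '/' . $lang . '.php');
    if ($base === false || $file === false) {
        return null;                                       // directory or file missing
    }
    // Containment check: the resolved file must sit below the resolved base.
    if (strncmp($file, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;                                       // resolved outside LANG_DIR
    }
    return $file;
}

// Read the Accept-Language header through the superglobal (never a bare
// variable that register_globals could have populated), keep only the first
// tag, and pass it through the validator before it reaches an include.
$accept   = $_SERVER['HTTP_ACCEPT_LANGUAGE'] ?? 'en';
$first    = trim((string) strtok($accept, ',;'));
$langFile = safe_lang_include($first);

// Constructed sample inputs for the sensor allowlist.
$rejected = safe_sensor_include('../../etc/passwd');
$accepted = safe_sensor_include('lmsensors');
```

Run with `php` on the command line; `$rejected` is `null` because the traversal string is not an allowlisted key, and `$accepted` is a path under `SENSOR_DIR`. The design point is that the allowlist never tries to strip `..` from user input (stripping is easy to get wrong), and the realpath form checks the path the filesystem actually resolves, which is what matters when symlinks or encoded separators are involved.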
References for CVE-2005-3347
- http://www.securityfocus.com/archive/1/416543
- http://www.debian.org/security/2005/dsa-897 ([SECURITY] [DSA 897-1] New phpsysinfo packages fix several vulnerabilities)
- http://www.hardened-php.net/advisory_212005.81.html (Hardened PHP - Hardened-PHP)
- http://www.debian.org/security/2005/dsa-899 ([SECURITY] [DSA 899-1] New egroupware packages fix several vulnerabilities)
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:212 (Mandriva)
- http://www.securityfocus.com/bid/15396
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23107 (phpSysInfo register_globals data manipulation CVE-2005-3347 Vulnerability Report)
- http://www.debian.org/security/2005/dsa-898 ([SECURITY] [DSA 898-1] New phpgroupware packages fix several vulnerabilities) Patch; Vendor Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200511-18.xml (phpSysInfo: Multiple vulnerabilities (GLSA 200511-18) — Gentoo security)
- http://www.securityfocus.com/bid/15414