Vulnerability Name:

CVE-2005-2256 (CCN-21265)

Assigned:2005-07-07
Published:2005-07-07
Updated:2008-09-05
Summary:Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via "%2e%2e%2f" (encoded dot dot) sequences in the formLanguage parameter.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MLIST
Type: UNKNOWN
[Dailydave] 20050704 !!! pre-authenticated remote code inclusion vulnerability inside phppgadmin !!!

Source: MITRE
Type: CNA
CVE-2005-2256

Source: CCN
Type: SA15941
phpPgAdmin "formLanguage" Local File Inclusion Vulnerability

Source: SECUNIA
Type: Vendor Advisory
15941

Source: SECUNIA
Type: UNKNOWN
16116

Source: CCN
Type: SECTRACK ID: 1014414
phpPgAdmin Input Validation Hole in `formLanguage` Discloses Files to Remote Users

Source: SECTRACK
Type: Exploit
1014414

Source: CONFIRM
Type: UNKNOWN
http://sourceforge.net/project/shownotes.php?release_id=342261

Source: CCN
Type: phpPgAdmin Web page
Project: phpPgAdmin: Summary

Source: DEBIAN
Type: UNKNOWN
DSA-759

Source: DEBIAN
Type: DSA-759
phppgadmin -- missing input sanitising

Source: CCN
Type: OSVDB ID: 17758
phpPgAdmin index.php formLanguage Parameter Local File Inclusion

Source: BID
Type: Exploit
14142

Source: CCN
Type: BID-14142
PHPPGAdmin Login Form Directory Traversal Vulnerability

Source: MISC
Type: Vendor Advisory
http://www.vuxml.org/freebsd/88188a8c-eff6-11d9-8310-0001020eed82.html

Source: XF
Type: UNKNOWN
phppgadmin-formlanguage-file-include(21265)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:phppgadmin:phppgadmin:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:phppgadmin:phppgadmin:3.2:*:*:*:*:*:*:*
  • OR cpe:/a:phppgadmin:phppgadmin:3.3:*:*:*:*:*:*:*
  • OR cpe:/a:phppgadmin:phppgadmin:3.4:*:*:*:*:*:*:*
  • OR cpe:/a:phppgadmin:phppgadmin:3.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:phppgadmin:phppgadmin:3.5.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.debian:def:759
    V
    		missing input sanitising
    2005-07-18
    BACK
    phppgadmin phppgadmin 3.1
    phppgadmin phppgadmin 3.2
    phppgadmin phppgadmin 3.3
    phppgadmin phppgadmin 3.4
    phppgadmin phppgadmin 3.4.1
    phppgadmin phppgadmin 3.5.3