Package: phpmyadmin
Tags: security
Severity: grave
This one seems to be different from the vulnerability mentioned in
Debian bug #333433.
From: Stefan Esser <[EMAIL PROTECTED]>
Subject: [Full-disclosure] Advisory 16/2005: phpMyAdmin Local File Inclusion
Vulnerability
To: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com
Date: Sat, 22 Oct 2005 15:33:46 +0200
Message-ID: <[EMAIL PROTECTED]>
Hardened-PHP Project
www.hardened-php.net
-= Security Advisory =-
Advisory: phpMyAdmin Local File Inclusion Vulnerability
Release Date: 2005/10/22
Last Modified: 2005/10/22
Author: Stefan Esser [EMAIL PROTECTED]
Application: phpMyAdmin <= 2.6.4-pl2
Severity: A design flaw within phpMyAdmin allows inclusion
of arbitrary files, which usually leads to remote
code execution
Risk: Critical
Vendor Status: Vendor has released an updated version
References: http://www.hardened-php.net/advisory_162005.73.html
[...]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
