CVE-2005-1392 Information

Description

The SQL install script in phpMyAdmin 2.6.2 is created with world-readable permissions which allows local users to obtain the initial database password by reading the script.

Reference

http://bugs.gentoo.org/show_bug.cgi?id=88831 http://security.gentoo.org/glsa/glsa-200504-30.xml http://www.osvdb.org/16053 http://www.vupen.com/english/advisories/2005/0436