CVE-2005-2256 Information

Description

Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via \2e2e2f\ (encoded dot dot) sequences in the formLanguage parameter.

Reference

http://archives.neohapsis.com/archives/dailydave/2005-q3/0010.html http://secunia.com/advisories/15941 http://secunia.com/advisories/16116 http://securitytracker.com/id?1014414 http://sourceforge.net/project/shownotes.php?release_id=342261 http://www.debian.org/security/2005/dsa-759 http://www.securityfocus.com/bid/14142 http://www.vuxml.org/freebsd/88188a8c-eff6-11d9-8310-0001020eed82.html