CVE-2005-3347 Information
Description
Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier and egroupware before 1.0.0.009, allow remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) sensor_program parameter or the (2) _SERVER[HTTP_ACCEPT_LANGUAGE] parameter, which overwrites an internal variable, a variant of CVE-2003-0536. NOTE: due to a typo in an advisory, an issue in osh was inadvertently linked to this identifier; the proper identifier for the osh issue is CVE-2005-3346.
Reference
http://secunia.com/advisories/17441
http://secunia.com/advisories/17570
http://secunia.com/advisories/17584
http://secunia.com/advisories/17616
http://secunia.com/advisories/17620
http://secunia.com/advisories/17643
http://secunia.com/advisories/17698
http://www.debian.org/security/2005/dsa-897
http://www.debian.org/security/2005/dsa-898
http://www.debian.org/security/2005/dsa-899
http://www.gentoo.org/security/en/glsa/glsa-200511-18.xml
http://www.hardened-php.net/advisory_212005.81.html
http://www.mandriva.com/security/advisories?name=MDKSA-2005:212
http://www.securityfocus.com/archive/1/416543
http://www.securityfocus.com/bid/15396
http://www.securityfocus.com/bid/15414
https://exchange.xforce.ibmcloud.com/vulnerabilities/23107