CVE-2011-0986 Information

Feb 14, 2021 cve

Description

phpMyAdmin 2.11.x before 2.11.11.2 and 3.3.x before 3.3.9.1 does not properly handle the absence of the (1) README (2) ChangeLog and (3) LICENSE files which allows remote attackers to obtain the installation path via a direct request for a nonexistent file.

Reference

http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054349.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054355.html http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=035d002db1e1201e73e560d7d98591563b506a83 http://secunia.com/advisories/43478 http://www.mandriva.com/security/advisories?name=MDVSA-2011:026 http://www.phpmyadmin.net/home_page/security/PMASA-2011-1.php http://www.vupen.com/english/advisories/2011/0385 https://exchange.xforce.ibmcloud.com/vulnerabilities/65424

Share on: