CVE-2005-0567 Affecting phpmyadmin package, versions <3:2.6.1-pl2-1
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIAN11-PHPMYADMIN-535923
- published 2 May 2005
- disclosed 2 May 2005
Introduced: 2 May 2005
CVE-2005-0567 Open this link in a new tabHow to fix?
Upgrade Debian:11 phpmyadmin to version 3:2.6.1-pl2-1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream phpmyadmin package and not the phpmyadmin package as distributed by Debian.
See How to fix? for Debian:11 relevant fixed versions and status.
Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying the (1) theme parameter to phpmyadmin.css.php or (2) cfg[Server][extension] parameter to database_interface.lib.php to reference a URL on a remote web server that contains the code.
References
- https://security-tracker.debian.org/tracker/CVE-2005-0567
- http://marc.info/?l=bugtraq&m=110929725801154&w=2
- http://sourceforge.net/tracker/index.php?func=detail&aid=1149381&group_id=23067&atid=377408
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-1
- http://secunia.com/advisories/14382/
- http://www.securityfocus.com/bid/12645
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19465