Vulnerabilities > CVE-2007-0095 - Information Disclosure vulnerability in PHPmyadmin 2.9.1.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2007-4334.NASL description - Upstream released 2.11.3 - Removed the RPM scriptlets doing httpd restarts (#227025) - Patched an information disclosure known as CVE-2007-0095 (#221694) - Provide virtual phpmyadmin package and a httpd alias (#231431) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 29284 published 2007-12-11 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/29284 title Fedora 8 : phpMyAdmin-2.11.3-1.fc8 (2007-4334) NASL family Fedora Local Security Checks NASL id FEDORA_2007-4298.NASL description - Upstream released 2.11.3 - Removed the RPM scriptlets doing httpd restarts (#227025) - Patched an information disclosure known as CVE-2007-0095 (#221694) - Provide virtual phpmyadmin package and a httpd alias (#231431) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 29281 published 2007-12-11 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/29281 title Fedora 7 : phpMyAdmin-2.11.3-1.fc7 (2007-4298)
References
- http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0034.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051544.html
- http://osvdb.org/33257
- http://securityreason.com/securityalert/2104
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:199
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31223