FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpmyadmin -- HTTP Response Splitting vulnerability

Affected packages
phpMyAdmin < 2.6.4.4

Details

VuXML ID c55f9ed0-56a7-11da-a3f0-00123ffe8333
Discovery 2005-11-15
Entry 2005-11-16

A phpMyAdmin security advisory reports:

Some scripts in phpMyAdmin are vulnerable to an HTTP Response Splitting attack.

Severity:

We consider these vulnerabilities to be serious. However, they can only be triggered on systems running with register_globals = on.

References

URL http://secunia.com/advisories/17578/
URL http://www.fitsec.com/advisories/FS-05-02.txt
URL http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6