[VIM] provable vendor ACK for PHPX SQL injection

Steven M. Christey coley at mitre.org
Sun Dec 4 17:29:20 EST 2005

Re: CVE-2005-3968

Vendor has a vague ACK at:


A patch is provided.

A diff between auth.inc.php in 3.5.9 versus the patch shows a new
check that $username is alphanumeric.

- Steve

Name: CVE-2005-3968
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3968
Reference: BUGTRAQ:20051130 PhpX <= 3.5.9 SQL Injection -> login bypass -> remote command/code execution
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/418253/100/0/threaded
Reference: MISC:http://rgod.altervista.org/phpx_359_xpl.html
Reference: CONFIRM:http://www.phpx.org/news.php?news_id=139
Reference: BID:15680
Reference: URL:http://www.securityfocus.com/bid/15680
Reference: FRSIRT:ADV-2005-2696
Reference: URL:http://www.frsirt.com/english/advisories/2005/2696
Reference: SECTRACK:1015300
Reference: URL:http://securitytracker.com/id?1015300
Reference: SECUNIA:17858
Reference: URL:http://secunia.com/advisories/17858

SQL injection vulnerability in auth.inc.php in PHPX 3.5.9 and earlier
allows remote attackers to execute arbitrary SQL commands, bypass
authentication, and upload arbitrary PHP code via the username

More information about the VIM mailing list