CVE-2005-1392

Name of the Vulnerable Software and Affected Versions: phpMyAdmin version 2.6.2

Description: The issue concerns the SQL install script in phpMyAdmin, which is created with world-readable permissions. This allows local users to obtain the initial database password by reading the script.

Recommendations: For phpMyAdmin version 2.6.2, consider changing the permissions of the SQL install script to prevent world-readable access until a patch is available. As a temporary workaround, restrict local user access to the script to minimize the risk of exploitation.