Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2016-0051)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.131209

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2016-0051)

Resumen: The remote host is missing an update for the 'phpmyadmin, phpseclib' package(s) announced via the MGASA-2016-0051 advisory.

Descripción: Summary:
The remote host is missing an update for the 'phpmyadmin, phpseclib' package(s) announced via the MGASA-2016-0051 advisory.

Vulnerability Insight:
Password suggestion functionality uses Math.random() which does not
provide cryptographically secure random numbers (CVE-2016-1927).

By calling some scripts that are part of phpMyAdmin in an unexpected way,
it is possible to trigger phpMyAdmin to display a PHP error message which
contains the full path of the directory where phpMyAdmin is installed
(CVE-2016-2038).

The XSRF/CSRF token is generated with a weak algorithm using functions
that do not return cryptographically secure values (CVE-2016-2039).

With a crafted table name it is possible to trigger an XSS attack in the
database search page. With a crafted SET value or a crafted search query,
it is possible to trigger an XSS attacks in the zoom search page. With a
crafted hostname header, it is possible to trigger an XSS attacks in the
home page (CVE-2016-2040).

The comparison of the XSRF/CSRF token parameter with the value saved in
the session is vulnerable to timing attacks. Moreover, the comparison
could be bypassed if the XSRF/CSRF token matches a particular pattern
(CVE-2016-2041).

The phpmyadmin package has been updated to version 4.4.15.4 in the 4.4.x
stable branch, and the phpseclib dependency has been updated to version
2.0.1.

Affected Software/OS:
'phpmyadmin, phpseclib' package(s) on Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-1927
Debian Security Information: DSA-3627 (Google Search)
http://www.debian.org/security/2016/dsa-3627
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html
SuSE Security Announcement: openSUSE-SU-2016:0357 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html
SuSE Security Announcement: openSUSE-SU-2016:0378 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2038
Common Vulnerability Exposure (CVE) ID: CVE-2016-2039
Common Vulnerability Exposure (CVE) ID: CVE-2016-2040
Common Vulnerability Exposure (CVE) ID: CVE-2016-2041

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.131209
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2016-0051)
Resumen:	The remote host is missing an update for the 'phpmyadmin, phpseclib' package(s) announced via the MGASA-2016-0051 advisory.
Descripción:	Summary: The remote host is missing an update for the 'phpmyadmin, phpseclib' package(s) announced via the MGASA-2016-0051 advisory. Vulnerability Insight: Password suggestion functionality uses Math.random() which does not provide cryptographically secure random numbers (CVE-2016-1927). By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed (CVE-2016-2038). The XSRF/CSRF token is generated with a weak algorithm using functions that do not return cryptographically secure values (CVE-2016-2039). With a crafted table name it is possible to trigger an XSS attack in the database search page. With a crafted SET value or a crafted search query, it is possible to trigger an XSS attacks in the zoom search page. With a crafted hostname header, it is possible to trigger an XSS attacks in the home page (CVE-2016-2040). The comparison of the XSRF/CSRF token parameter with the value saved in the session is vulnerable to timing attacks. Moreover, the comparison could be bypassed if the XSRF/CSRF token matches a particular pattern (CVE-2016-2041). The phpmyadmin package has been updated to version 4.4.15.4 in the 4.4.x stable branch, and the phpseclib dependency has been updated to version 2.0.1. Affected Software/OS: 'phpmyadmin, phpseclib' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1927 Debian Security Information: DSA-3627 (Google Search) http://www.debian.org/security/2016/dsa-3627 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html SuSE Security Announcement: openSUSE-SU-2016:0357 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html SuSE Security Announcement: openSUSE-SU-2016:0378 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html Common Vulnerability Exposure (CVE) ID: CVE-2016-2038 Common Vulnerability Exposure (CVE) ID: CVE-2016-2039 Common Vulnerability Exposure (CVE) ID: CVE-2016-2040 Common Vulnerability Exposure (CVE) ID: CVE-2016-2041
Copyright	Copyright (C) 2016 Greenbone AG