FreeBSD Local Security Checks : FreeBSD Ports: phpMyAdmin

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52439

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: phpMyAdmin

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: phpMyAdmin

The installed version of phpMyAdmin allows an
attacker to execute arbitrary PHP code on the
remote system as a result of improper sanitization
of the table name which escapes quotes in a PHP
eval() statement.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-2632
BugTraq ID: 10629
http://www.securityfocus.com/bid/10629
Bugtraq: 20040628 php codes injection in phpMyAdmin version 2.5.7. (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2004-06/0444.html
Bugtraq: 20040630 Re: php codes injection in phpMyAdmin version 2.5.7. (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2004-06/0473.html
http://www.gentoo.org/security/en/glsa/glsa-200407-22.xml
http://eagle.kecapi.com/sec/fd/phpMyAdmin.html
http://www.osvdb.org/7315
http://securitytracker.com/alerts/2004/Jun/1010614.html
http://secunia.com/advisories/11974
XForce ISS Database: phpmyadmin-code-manipulation(16555)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16555
Common Vulnerability Exposure (CVE) ID: CVE-2004-2631
Bugtraq: 20041018 phpMyAdmin: Vulnerability in MIME-based transformation (Google Search)
http://marc.info/?l=bugtraq&m=109816584519779&w=2
http://www.securiteam.com/unixfocus/5QP040ADFW.html
http://www.osvdb.org/7314
http://securitytracker.com/id?1010614
XForce ISS Database: phpmyadmin-php-injection(16542)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16542

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52439
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: phpMyAdmin
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: phpMyAdmin The installed version of phpMyAdmin allows an attacker to execute arbitrary PHP code on the remote system as a result of improper sanitization of the table name which escapes quotes in a PHP eval() statement. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-2632 BugTraq ID: 10629 http://www.securityfocus.com/bid/10629 Bugtraq: 20040628 php codes injection in phpMyAdmin version 2.5.7. (Google Search) http://archives.neohapsis.com/archives/bugtraq/2004-06/0444.html Bugtraq: 20040630 Re: php codes injection in phpMyAdmin version 2.5.7. (Google Search) http://archives.neohapsis.com/archives/bugtraq/2004-06/0473.html http://www.gentoo.org/security/en/glsa/glsa-200407-22.xml http://eagle.kecapi.com/sec/fd/phpMyAdmin.html http://www.osvdb.org/7315 http://securitytracker.com/alerts/2004/Jun/1010614.html http://secunia.com/advisories/11974 XForce ISS Database: phpmyadmin-code-manipulation(16555) https://exchange.xforce.ibmcloud.com/vulnerabilities/16555 Common Vulnerability Exposure (CVE) ID: CVE-2004-2631 Bugtraq: 20041018 phpMyAdmin: Vulnerability in MIME-based transformation (Google Search) http://marc.info/?l=bugtraq&m=109816584519779&w=2 http://www.securiteam.com/unixfocus/5QP040ADFW.html http://www.osvdb.org/7314 http://securitytracker.com/id?1010614 XForce ISS Database: phpmyadmin-php-injection(16542) https://exchange.xforce.ibmcloud.com/vulnerabilities/16542
Copyright	Copyright (C) 2008 E-Soft Inc.