Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200906-03 (phpmyadmin)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.64361

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200906-03 (phpmyadmin)

Resumen: The remote host is missing updates announced in;advisory GLSA 200906-03.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200906-03.

Vulnerability Insight:
Multiple errors in phpMyAdmin might allow the remote execution of arbitrary
code or a Cross-Site Scripting attack.

Solution:
All phpMyAdmin users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-db/phpmyadmin-2.11.9.5'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-1150
BugTraq ID: 34251
http://www.securityfocus.com/bid/34251
Debian Security Information: DSA-1824 (Google Search)
http://www.debian.org/security/2009/dsa-1824
http://security.gentoo.org/glsa/glsa-200906-03.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:115
http://secunia.com/advisories/34430
http://secunia.com/advisories/34642
http://secunia.com/advisories/35585
http://secunia.com/advisories/35635
SuSE Security Announcement: SUSE-SR:2009:008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
Common Vulnerability Exposure (CVE) ID: CVE-2009-1151
BugTraq ID: 34236
http://www.securityfocus.com/bid/34236
Bugtraq: 20090609 CVE-2009-1151: phpMyAdmin Remote Code Execution Proof of Concept (Google Search)
http://www.securityfocus.com/archive/1/504191/100/0/threaded
https://www.exploit-db.com/exploits/8921
http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/
http://www.gnucitizen.org/blog/cve-2009-1151-phpmyadmin-remote-code-execution-proof-of-concept/

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.64361
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200906-03 (phpmyadmin)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200906-03.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200906-03. Vulnerability Insight: Multiple errors in phpMyAdmin might allow the remote execution of arbitrary code or a Cross-Site Scripting attack. Solution: All phpMyAdmin users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-db/phpmyadmin-2.11.9.5' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1150 BugTraq ID: 34251 http://www.securityfocus.com/bid/34251 Debian Security Information: DSA-1824 (Google Search) http://www.debian.org/security/2009/dsa-1824 http://security.gentoo.org/glsa/glsa-200906-03.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:115 http://secunia.com/advisories/34430 http://secunia.com/advisories/34642 http://secunia.com/advisories/35585 http://secunia.com/advisories/35635 SuSE Security Announcement: SUSE-SR:2009:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html Common Vulnerability Exposure (CVE) ID: CVE-2009-1151 BugTraq ID: 34236 http://www.securityfocus.com/bid/34236 Bugtraq: 20090609 CVE-2009-1151: phpMyAdmin Remote Code Execution Proof of Concept (Google Search) http://www.securityfocus.com/archive/1/504191/100/0/threaded https://www.exploit-db.com/exploits/8921 http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/ http://www.gnucitizen.org/blog/cve-2009-1151-phpmyadmin-remote-code-execution-proof-of-concept/
Copyright	Copyright (C) 2009 E-Soft Inc.