Mandrake Local Security Checks : Mandriva Update for phpmyadmin MDVSA-2011:124 (phpmyadmin)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.831441

Categoría: Mandrake Local Security Checks

Título: Mandriva Update for phpmyadmin MDVSA-2011:124 (phpmyadmin)

Resumen: The remote host is missing an update for the 'phpmyadmin'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'phpmyadmin'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Multiple vulnerabilities has been discovered and corrected in
phpmyadmin:

libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication
feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1
assigns values to arbitrary parameters referenced in the query string,
which allows remote attackers to modify the SESSION superglobal array
via a crafted request, related to a remote variable manipulation
vulnerability. (CVE-2011-2505).

setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2
and 3.4.x before 3.4.3.1 does not properly restrict the presence of
comment closing delimiters, which allows remote attackers to conduct
static code injection attacks by leveraging the ability to modify
the SESSION superglobal array (CVE-2011-2506).

libraries/server_synchronize.lib.php in the Synchronize implementation
in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not
properly quote regular expressions, which allows remote authenticated
users to inject a PCRE e (aka PREG_REPLACE_EVAL) modifier, and
consequently execute arbitrary PHP code, by leveraging the ability
to modify the SESSION superglobal array (CVE-2011-2507).

Directory traversal vulnerability in libraries/display_tbl.lib.php
in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when
a certain MIME transformation feature is enabled, allows remote
authenticated users to include and execute arbitrary local files
via a .. (dot dot) in a GLOBALS[mime_map][->name][transformation]
parameter (CVE-2011-2508).

Multiple cross-site scripting (XSS) vulnerabilities in the table Print
view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3
and 3.4.x before 3.4.3.2 allow remote authenticated users to inject
arbitrary web script or HTML via a crafted table name (CVE-2011-2642).

Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before
3.4.3.2, when configuration storage is enabled, allows remote attackers
to include and execute arbitrary local files via directory traversal
sequences in a MIME-type transformation parameter (CVE-2011-2643).

Multiple directory traversal vulnerabilities in the relational
schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote
authenticated users to include and execute arbitrary local files via
directory traversal sequences in an export type field, related to
(1) libraries/schema/User_Schema.class.php and (2) schema_export.php
(CVE-2011-2718).

libraries/auth/swekey/swekey.auth.lib ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
phpmyadmin on Mandriva Enterprise Server 5,
Mandriva Enterprise Server 5/X86_64

Solution:
Please Install the Updated Packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-2505
Bugtraq: 20110707 phpMyAdmin 3.x Multiple Remote Code Executions (Google Search)
http://www.securityfocus.com/archive/1/518804/100/0/threaded
Debian Security Information: DSA-2286 (Google Search)
http://www.debian.org/security/2011/dsa-2286
http://www.exploit-db.com/exploits/17514/
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
http://www.mandriva.com/security/advisories?name=MDVSA-2011:124
http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
http://www.openwall.com/lists/oss-security/2011/06/28/2
http://www.openwall.com/lists/oss-security/2011/06/28/6
http://www.openwall.com/lists/oss-security/2011/06/28/8
http://www.openwall.com/lists/oss-security/2011/06/29/11
http://www.osvdb.org/73611
http://secunia.com/advisories/45139
http://secunia.com/advisories/45292
http://secunia.com/advisories/45315
http://securityreason.com/securityalert/8306
Common Vulnerability Exposure (CVE) ID: CVE-2011-2506
http://www.osvdb.org/73612
Common Vulnerability Exposure (CVE) ID: CVE-2011-2507
http://0x6a616d6573.blogspot.com/2011/07/phpmyadmin-fud.html
http://ha.xxor.se/2011/07/phpmyadmin-3x-pregreplace-rce-poc.html
http://www.osvdb.org/73613
Common Vulnerability Exposure (CVE) ID: CVE-2011-2508
http://www.osvdb.org/73614
Common Vulnerability Exposure (CVE) ID: CVE-2011-2642
BugTraq ID: 48874
http://www.securityfocus.com/bid/48874
http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063410.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063418.html
http://secunia.com/advisories/45365
http://secunia.com/advisories/45515
XForce ISS Database: phpmyadmin-table-print-xss(68750)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68750
Common Vulnerability Exposure (CVE) ID: CVE-2011-2643
XForce ISS Database: phpmyadmin-mimetype-file-include(68767)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68767
Common Vulnerability Exposure (CVE) ID: CVE-2011-2718
http://www.openwall.com/lists/oss-security/2011/07/25/4
http://www.openwall.com/lists/oss-security/2011/07/26/10
http://osvdb.org/74111
XForce ISS Database: phpmyadmin-schema-file-include(68768)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68768
Common Vulnerability Exposure (CVE) ID: CVE-2011-2719
Bugtraq: 20110724 phpMyAdmin 3.x Conditional Session Manipulation (Google Search)
http://www.securityfocus.com/archive/1/518967/100/0/threaded
Bugtraq: 20110804 Re: [Full-disclosure] phpMyAdmin 3.x Conditional Session Manipulation (Google Search)
http://www.securityfocus.com/archive/1/519155/100/0/threaded
http://seclists.org/fulldisclosure/2011/Jul/300
http://www.xxor.se/advisories/phpMyAdmin_3.x_Conditional_Session_Manipulation.txt
http://osvdb.org/74112
http://securityreason.com/securityalert/8322
XForce ISS Database: phpmyadmin-swekey-file-overwrite(68769)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68769

Copyright Copyright (c) 2011 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.831441
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Update for phpmyadmin MDVSA-2011:124 (phpmyadmin)
Resumen:	The remote host is missing an update for the 'phpmyadmin'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'phpmyadmin' package(s) announced via the referenced advisory. Vulnerability Insight: Multiple vulnerabilities has been discovered and corrected in phpmyadmin: libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted request, related to a remote variable manipulation vulnerability. (CVE-2011-2505). setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal array (CVE-2011-2506). libraries/server_synchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly quote regular expressions, which allows remote authenticated users to inject a PCRE e (aka PREG_REPLACE_EVAL) modifier, and consequently execute arbitrary PHP code, by leveraging the ability to modify the SESSION superglobal array (CVE-2011-2507). Directory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in a GLOBALS[mime_map][->name][transformation] parameter (CVE-2011-2508). Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3 and 3.4.x before 3.4.3.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name (CVE-2011-2642). Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter (CVE-2011-2643). Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to (1) libraries/schema/User_Schema.class.php and (2) schema_export.php (CVE-2011-2718). libraries/auth/swekey/swekey.auth.lib ... Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: phpmyadmin on Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64 Solution: Please Install the Updated Packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2505 Bugtraq: 20110707 phpMyAdmin 3.x Multiple Remote Code Executions (Google Search) http://www.securityfocus.com/archive/1/518804/100/0/threaded Debian Security Information: DSA-2286 (Google Search) http://www.debian.org/security/2011/dsa-2286 http://www.exploit-db.com/exploits/17514/ http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:124 http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt http://www.openwall.com/lists/oss-security/2011/06/28/2 http://www.openwall.com/lists/oss-security/2011/06/28/6 http://www.openwall.com/lists/oss-security/2011/06/28/8 http://www.openwall.com/lists/oss-security/2011/06/29/11 http://www.osvdb.org/73611 http://secunia.com/advisories/45139 http://secunia.com/advisories/45292 http://secunia.com/advisories/45315 http://securityreason.com/securityalert/8306 Common Vulnerability Exposure (CVE) ID: CVE-2011-2506 http://www.osvdb.org/73612 Common Vulnerability Exposure (CVE) ID: CVE-2011-2507 http://0x6a616d6573.blogspot.com/2011/07/phpmyadmin-fud.html http://ha.xxor.se/2011/07/phpmyadmin-3x-pregreplace-rce-poc.html http://www.osvdb.org/73613 Common Vulnerability Exposure (CVE) ID: CVE-2011-2508 http://www.osvdb.org/73614 Common Vulnerability Exposure (CVE) ID: CVE-2011-2642 BugTraq ID: 48874 http://www.securityfocus.com/bid/48874 http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063410.html http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063418.html http://secunia.com/advisories/45365 http://secunia.com/advisories/45515 XForce ISS Database: phpmyadmin-table-print-xss(68750) https://exchange.xforce.ibmcloud.com/vulnerabilities/68750 Common Vulnerability Exposure (CVE) ID: CVE-2011-2643 XForce ISS Database: phpmyadmin-mimetype-file-include(68767) https://exchange.xforce.ibmcloud.com/vulnerabilities/68767 Common Vulnerability Exposure (CVE) ID: CVE-2011-2718 http://www.openwall.com/lists/oss-security/2011/07/25/4 http://www.openwall.com/lists/oss-security/2011/07/26/10 http://osvdb.org/74111 XForce ISS Database: phpmyadmin-schema-file-include(68768) https://exchange.xforce.ibmcloud.com/vulnerabilities/68768 Common Vulnerability Exposure (CVE) ID: CVE-2011-2719 Bugtraq: 20110724 phpMyAdmin 3.x Conditional Session Manipulation (Google Search) http://www.securityfocus.com/archive/1/518967/100/0/threaded Bugtraq: 20110804 Re: [Full-disclosure] phpMyAdmin 3.x Conditional Session Manipulation (Google Search) http://www.securityfocus.com/archive/1/519155/100/0/threaded http://seclists.org/fulldisclosure/2011/Jul/300 http://www.xxor.se/advisories/phpMyAdmin_3.x_Conditional_Session_Manipulation.txt http://osvdb.org/74112 http://securityreason.com/securityalert/8322 XForce ISS Database: phpmyadmin-swekey-file-overwrite(68769) https://exchange.xforce.ibmcloud.com/vulnerabilities/68769
Copyright	Copyright (c) 2011 Greenbone Networks GmbH