|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 1675-1 (phpmyadmin)|
|Summary:||Debian Security Advisory DSA 1675-1 (phpmyadmin)|
|Description:||The remote host is missing an update to phpmyadmin|
announced via advisory DSA 1675-1.
Masako Oono discovered that phpMyAdmin, a web-based administration
interface for MySQL, insufficiently sanitises input allowing a
remote attacker to gather sensitive data through cross site scripting,
provided that the user uses the Internet Explorer web browser.
This update also fixes a regression introduced in DSA 1641, that
broke changing of the language and encoding in the login screen.
For the stable distribution (etch), these problems have been fixed in
For the unstable distribution (sid), these problems have been fixed in
We recommend that you upgrade your phpmyadmin package.
Common Vulnerability Exposure (CVE) ID: CVE-2008-4326|
Debian Security Information: DSA-1675 (Google Search)
SuSE Security Announcement: SUSE-SR:2009:003 (Google Search)
|Copyright||Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com|
|This is only one of 38907 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.