 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.831328 |
| Category: | Mandrake Local Security Checks |
| Title: | Mandriva Update for phpmyadmin MDVSA-2011:026 (phpmyadmin) |
| Summary: | The remote host is missing an update for the 'phpmyadmin'; package(s) announced via the referenced advisory. |
| Description: | Summary: The remote host is missing an update for the 'phpmyadmin' package(s) announced via the referenced advisory. Vulnerability Insight: Multiple vulnerabilities were discovered and corrected in phpmyadmin: When the files README, ChangeLog or LICENSE have been removed from their original place (possibly by the distributor), the scripts used to display these files can show their full path, leading to possible further attacks (CVE-2011-0986). It was possible to create a bookmark which would be executed unintentionally by other users (CVE-2011-0987). The updated packages have been upgraded to the latest versions to mitigate these issues. Affected Software/OS: phpmyadmin on Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64 Solution: Please Install the Updated Packages. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-0986 http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054349.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054355.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:026 http://secunia.com/advisories/43478 http://www.vupen.com/english/advisories/2011/0385 XForce ISS Database: phpmyadmin-readme-path-disclosure(65424) https://exchange.xforce.ibmcloud.com/vulnerabilities/65424 Common Vulnerability Exposure (CVE) ID: CVE-2011-0987 BugTraq ID: 46359 http://www.securityfocus.com/bid/46359 Debian Security Information: DSA-2167 (Google Search) http://www.debian.org/security/2011/dsa-2167 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054525.html http://secunia.com/advisories/43324 http://secunia.com/advisories/43391 http://www.vupen.com/english/advisories/2011/0381 http://www.vupen.com/english/advisories/2011/0409 http://www.vupen.com/english/advisories/2011/0512 http://www.vupen.com/english/advisories/2011/0570 XForce ISS Database: phpmyadmin-bookmark-security-bypass(65390) https://exchange.xforce.ibmcloud.com/vulnerabilities/65390 |
| Copyright | Copyright (C) 2011 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |