 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.10.2016.0416 |
| Category: | Mageia Linux Local Security Checks |
| Title: | Mageia: Security Advisory (MGASA-2016-0416) |
| Summary: | The remote host is missing an update for the 'phpmyadmin' package(s) announced via the MGASA-2016-0416 advisory. |
| Description: | Summary: The remote host is missing an update for the 'phpmyadmin' package(s) announced via the MGASA-2016-0416 advisory. Vulnerability Insight: In phpMyAdmin before 4.4.15.9, when the user does not specify a blowfish_secret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created using a weak algorithm. This could allow an attacker to determine the user's blowfish_secret and potentially decrypt their cookies (CVE-2016-9847). In phpMyAdmin before 4.4.15.9, phpinfo.php shows PHP information including values of sensitive HttpOnly cookies (CVE-2016-9848). In phpMyAdmin before 4.4.15.9, it is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username (CVE-2016-9849). In phpMyAdmin before 4.4.15.9, a vulnerability in username matching for the allow/deny rules may result in wrong matches and detection of the username in the rule due to non-constant execution time (CVE-2016-9850). In phpMyAdmin before 4.4.15.9, with a crafted request parameter value it is possible to bypass the logout timeout (CVE-2016-9851). In phpMyAdmin before 4.4.15.9, by calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the export functionality, the errors containing the full path of the directory of phpMyAdmin is written to the export file (CVE-2016-9852, CVE-2016-9853, CVE-2016-9854, CVE-2016-9855). In phpMyAdmin before 4.4.15.9, several XSS vulnerabilities have been reported, including an improper fix for PMASA-2016-10 and a weakness in a regular expression using in some JavaScript processing (CVE-2016-9856, CVE-2016-9857). In phpMyAdmin before 4.4.15.9, with a crafted request parameter value it is possible to initiate a denial of service attack in saved searches feature (CVE-2016-9858). In phpMyAdmin before 4.4.15.9, with a crafted request parameter value it is possible to initiate a denial of service attack in import feature (CVE-2016-9859). In phpMyAdmin before 4.4.15.9, an unauthenticated user can execute a denial of service attack when phpMyAdmin is running with $cfg['AllowArbitraryServer']=true, (CVE-2016-9860). In phpMyAdmin before 4.4.15.9, due to the limitation in URL matching, it was possible to bypass the URL white-list protection (CVE-2016-9861). In phpMyAdmin before 4.4.15.9, with a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration storage database, and if the control user has the necessary privileges, read access to some tables of the mysql database (CVE-2016-9864). In phpMyAdmin before 4.4.15.9, due to a bug in serialized string parsing, it was possible to bypass the protection offered by ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'phpmyadmin' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-9847 BugTraq ID: 94524 http://www.securityfocus.com/bid/94524 https://security.gentoo.org/glsa/201701-32 Common Vulnerability Exposure (CVE) ID: CVE-2016-9848 BugTraq ID: 94523 http://www.securityfocus.com/bid/94523 Common Vulnerability Exposure (CVE) ID: CVE-2016-9849 BugTraq ID: 94521 http://www.securityfocus.com/bid/94521 https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9850 BugTraq ID: 94529 http://www.securityfocus.com/bid/94529 Common Vulnerability Exposure (CVE) ID: CVE-2016-9851 BugTraq ID: 94534 http://www.securityfocus.com/bid/94534 Common Vulnerability Exposure (CVE) ID: CVE-2016-9852 BugTraq ID: 94527 http://www.securityfocus.com/bid/94527 Common Vulnerability Exposure (CVE) ID: CVE-2016-9853 Common Vulnerability Exposure (CVE) ID: CVE-2016-9854 Common Vulnerability Exposure (CVE) ID: CVE-2016-9855 Common Vulnerability Exposure (CVE) ID: CVE-2016-9856 BugTraq ID: 94530 http://www.securityfocus.com/bid/94530 Common Vulnerability Exposure (CVE) ID: CVE-2016-9857 Common Vulnerability Exposure (CVE) ID: CVE-2016-9858 BugTraq ID: 94525 http://www.securityfocus.com/bid/94525 Common Vulnerability Exposure (CVE) ID: CVE-2016-9859 Common Vulnerability Exposure (CVE) ID: CVE-2016-9860 Common Vulnerability Exposure (CVE) ID: CVE-2016-9861 BugTraq ID: 94535 http://www.securityfocus.com/bid/94535 Common Vulnerability Exposure (CVE) ID: CVE-2016-9864 BugTraq ID: 94533 http://www.securityfocus.com/bid/94533 Common Vulnerability Exposure (CVE) ID: CVE-2016-9865 BugTraq ID: 94531 http://www.securityfocus.com/bid/94531 https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9866 BugTraq ID: 94536 http://www.securityfocus.com/bid/94536 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |