FreeBSD Local Security Checks : FreeBSD Ports: phpmyadmin, phpMyAdmin

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.54462

Category: FreeBSD Local Security Checks

Title: FreeBSD Ports: phpmyadmin, phpMyAdmin

Summary: The remote host is missing an update to the system; as announced in the referenced advisory.

Description: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

phpmyadmin, phpMyAdmin

CVE-2005-0992
Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin
before 2.6.2-rc1 allows remote attackers to inject arbitrary web
script or HTML via the convcharset parameter.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2005-0992
BugTraq ID: 12982
http://www.securityfocus.com/bid/12982
Bugtraq: 20050404 phpMyAdmin Cross-site Scripting Vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=111264361622660&w=2
http://www.gentoo.org/security/en/glsa/glsa-200504-08.xml
http://www.arrelnet.com/advisories/adv20050403.html
http://secunia.com/advisories/14799
XForce ISS Database: phpmyadmin-convcharset-xss(19940)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19940

Copyright Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.54462
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Ports: phpmyadmin, phpMyAdmin
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory.
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: phpmyadmin, phpMyAdmin CVE-2005-0992 Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0992 BugTraq ID: 12982 http://www.securityfocus.com/bid/12982 Bugtraq: 20050404 phpMyAdmin Cross-site Scripting Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=111264361622660&w=2 http://www.gentoo.org/security/en/glsa/glsa-200504-08.xml http://www.arrelnet.com/advisories/adv20050403.html http://secunia.com/advisories/14799 XForce ISS Database: phpmyadmin-convcharset-xss(19940) https://exchange.xforce.ibmcloud.com/vulnerabilities/19940
Copyright	Copyright (C) 2008 E-Soft Inc.