 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.59714 |
| Category: | Fedora Local Security Checks |
| Title: | Fedora Core 7 FEDORA-2007-2738 (phpMyAdmin) |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing an update to phpMyAdmin announced via advisory FEDORA-2007-2738. phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats and is available in 50 languages ChangeLog: * Mon Oct 29 2007 Mike McGrath 2.11.2-1 * upstream released new version * Mon Oct 22 2007 Mike McGrath 2.11.1.2-1 * upstream released new version * Thu Sep 6 2007 Mike McGrath 2.11.0-1 - Upstream released new version - Altered sources file as required - Added proper license * Mon Jul 23 2007 Mike McGrath 2.10.3-1 - Upstream released new version References: [ 1 ] Bug #333661 - phpMyAdmin 2.11.1.2 is released (fixes CVE-2007-5386, CVE-2007-5589) https://bugzilla.redhat.com/show_bug.cgi?id=333661 [ 2 ] CVE-2007-5386 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5386 [ 3 ] CVE-2007-5589 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5589 Updated packages: 25f2657507c79e530da135775e8867d55a262149 phpMyAdmin-2.11.2-1.fc7.noarch.rpm 6bb894afbd484c1a6439a93d92ce4e6cc9742387 phpMyAdmin-2.11.2-1.fc7.src.rpm This update can be installed with the yum update program. Use su -c 'yum update phpMyAdmin' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. Solution: Apply the appropriate updates. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-2738 Risk factor : Medium CVSS Score: 4.3 |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2007-5386 BugTraq ID: 26020 http://www.securityfocus.com/bid/26020 Bugtraq: 20071015 about phpMyAdmin setup.php XSS vulnerability (Google Search) http://www.securityfocus.com/archive/1/482339/100/0/threaded Debian Security Information: DSA-1403 (Google Search) http://www.debian.org/security/2007/dsa-1403 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00040.html http://www.mandriva.com/security/advisories?name=MDKSA-2007:199 http://www.digitrustgroup.com/advisories/TDG-advisory071009a http://osvdb.org/37678 http://secunia.com/advisories/27173 http://secunia.com/advisories/27506 http://secunia.com/advisories/27595 http://www.vupen.com/english/advisories/2007/3469 XForce ISS Database: phpmyadmin-setup-xss(37077) https://exchange.xforce.ibmcloud.com/vulnerabilities/37077 Common Vulnerability Exposure (CVE) ID: CVE-2007-5589 BugTraq ID: 26301 http://www.securityfocus.com/bid/26301 http://www.digitrustgroup.com/advisories/TDG-advisory071015a.html http://osvdb.org/37939 http://secunia.com/advisories/27246 http://secunia.com/advisories/29323 SuSE Security Announcement: SUSE-SR:2008:006 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html http://www.vupen.com/english/advisories/2007/3535 XForce ISS Database: phpmyadmin-serverstatus-xss(37292) https://exchange.xforce.ibmcloud.com/vulnerabilities/37292 |
| Copyright | Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |