Test ID:	1.3.6.1.4.1.25623.1.0.64535
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDVSA-2009:192 (phpmyadmin)
Summary:	The remote host is missing an update to phpmyadmin;announced via advisory MDVSA-2009:192.
Description:	Summary: The remote host is missing an update to phpmyadmin announced via advisory MDVSA-2009:192. Vulnerability Insight: A vulnerability has been identified and corrected in phpMyAdmin: Cross-site scripting (XSS) vulnerability in phpMyAdmin before 3.2.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted SQL bookmark (CVE-2009-2284). This update provides phpmyadmin 3.2.0.1, which is not vulnerable to this issue. Affected: Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2284 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00256.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00150.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00152.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:192 http://secunia.com/advisories/35649 http://secunia.com/advisories/35715
Copyright	Copyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.