 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.1.2.2016.626 |
| Category: | Debian Local Security Checks |
| Title: | Debian: Security Advisory (DLA-626-1) |
| Summary: | The remote host is missing an update for the Debian 'phpmyadmin' package(s) announced via the DLA-626-1 advisory. |
| Description: | Summary: The remote host is missing an update for the Debian 'phpmyadmin' package(s) announced via the DLA-626-1 advisory. Vulnerability Insight: Phpmyadmin, a web administration tool for MySQL, had several vulnerabilities reported. CVE-2016-6606 A pair of vulnerabilities were found affecting the way cookies are stored. The decryption of the username/password is vulnerable to a padding oracle attack. The can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. A vulnerability was found where the same initialization vector is used to hash the username and password stored in the phpMyAdmin cookie. If a user has the same password as their username, an attacker who examines the browser cookie can see that they are the same -- but the attacker can not directly decode these values from the cookie as it is still hashed. CVE-2016-6607 Cross site scripting vulnerability in the replication feature CVE-2016-6609 A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. CVE-2016-6611 A specially crafted database and/or table name can be used to trigger an SQL injection attack through the SQL export functionality. CVE-2016-6612 A user can exploit the LOAD LOCAL INFILE functionality to expose files on the server to the database system. CVE-2016-6613 A user can specially craft a symlink on disk, to a file which phpMyAdmin is permitted to read but the user is not, which phpMyAdmin will then expose to the user. CVE-2016-6614 A vulnerability was reported with the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a specially-crafted user name can be used to circumvent restrictions to traverse the file system. CVE-2016-6620 A vulnerability was reported where some data is passed to the PHP unserialize() function without verification that it's valid serialized data. Due to how the PHP function operates, unserialization can result in code being loaded and executed due to object instantiation and autoloading, and a malicious user may be able to exploit this. Therefore, a malicious user may be able to manipulate the stored data in a way to exploit this weakness. CVE-2016-6622 An unauthenticated user is able to execute a denial-of-service attack by forcing persistent connections when phpMyAdmin is running with $cfg['AllowArbitraryServer']=true,. CVE-2016-6623 A malicious authorized user can cause a denial-of-service attack on a server by passing large values to a loop. CVE-2016-6624 A vulnerability was discovered where, under certain circumstances, it may be possible to circumvent the phpMyAdmin IP-based authentication rules. When phpMyAdmin is used with IPv6 in a proxy server environment, and the proxy server is in the allowed range but the attacking computer is not allowed, this vulnerability can allow the attacking computer to connect despite the IP rules. CVE-2016-6630 An authenticated user can trigger a denial-of-service attack by ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'phpmyadmin' package(s) on Debian 7. Solution: Please install the updated package(s). CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-6606 BugTraq ID: 94114 http://www.securityfocus.com/bid/94114 https://security.gentoo.org/glsa/201701-32 https://lists.debian.org/debian-lts-announce/2019/06/msg00009.html Common Vulnerability Exposure (CVE) ID: CVE-2016-6607 BugTraq ID: 93257 http://www.securityfocus.com/bid/93257 Common Vulnerability Exposure (CVE) ID: CVE-2016-6609 BugTraq ID: 94112 http://www.securityfocus.com/bid/94112 https://lists.debian.org/debian-lts-announce/2018/07/msg00006.html Common Vulnerability Exposure (CVE) ID: CVE-2016-6611 BugTraq ID: 94117 http://www.securityfocus.com/bid/94117 Common Vulnerability Exposure (CVE) ID: CVE-2016-6612 BugTraq ID: 94113 http://www.securityfocus.com/bid/94113 Common Vulnerability Exposure (CVE) ID: CVE-2016-6613 BugTraq ID: 94115 http://www.securityfocus.com/bid/94115 Common Vulnerability Exposure (CVE) ID: CVE-2016-6614 BugTraq ID: 94366 http://www.securityfocus.com/bid/94366 Common Vulnerability Exposure (CVE) ID: CVE-2016-6620 BugTraq ID: 95055 http://www.securityfocus.com/bid/95055 Common Vulnerability Exposure (CVE) ID: CVE-2016-6622 BugTraq ID: 95049 http://www.securityfocus.com/bid/95049 Common Vulnerability Exposure (CVE) ID: CVE-2016-6623 BugTraq ID: 95052 http://www.securityfocus.com/bid/95052 Common Vulnerability Exposure (CVE) ID: CVE-2016-6624 BugTraq ID: 92489 http://www.securityfocus.com/bid/92489 Common Vulnerability Exposure (CVE) ID: CVE-2016-6630 BugTraq ID: 92501 http://www.securityfocus.com/bid/92501 Common Vulnerability Exposure (CVE) ID: CVE-2016-6631 BugTraq ID: 92496 http://www.securityfocus.com/bid/92496 |
| Copyright | Copyright (C) 2023 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |