View previous topic :: View next topic |
Author |
Message |
GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Thu Jan 05, 2012 12:26 am Post subject: [ GLSA 201201-01 ] phpMyAdmin: Multiple vulnerabilities |
|
|
Gentoo Linux Security Advisory
Title: phpMyAdmin: Multiple vulnerabilities (GLSA 201201-01)
Severity: high
Exploitable: remote
Date: January 04, 2012
Bug(s): #302745, #335490, #336462, #354227, #373951, #376369, #387413, #389427, #395715
ID: 201201-01
Synopsis
Multiple vulnerabilities were found in phpMyAdmin, the most severe
of which allows the execution of arbitrary PHP code.
Background
phpMyAdmin is a web-based management tool for MySQL databases.
Affected Packages
Package: dev-db/phpmyadmin
Vulnerable: < 3.4.9
Unaffected: >= 3.4.9
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in phpMyAdmin. Please
review the CVE identifiers and phpMyAdmin Security Advisories referenced
below for details.
Impact
Remote attackers might be able to insert and execute PHP code, include
and execute local PHP files, or perform Cross-Site Scripting (XSS)
attacks via various vectors.
Workaround
There is no known workaround at this time.
Resolution
All phpMyAdmin users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/phpmyadmin-3.4.9"
|
References
CVE-2008-7251
CVE-2008-7252
CVE-2010-2958
CVE-2010-3055
CVE-2010-3056
CVE-2010-3263
CVE-2011-0986
CVE-2011-0987
CVE-2011-2505
CVE-2011-2506
CVE-2011-2507
CVE-2011-2508
CVE-2011-2642
CVE-2011-2643
CVE-2011-2718
CVE-2011-2719
CVE-2011-3646
CVE-2011-4064
CVE-2011-4107
CVE-2011-4634
CVE-2011-4780
CVE-2011-4782
PMASA-2010-1
PMASA-2010-2
PMASA-2010-4
PMASA-2010-5
PMASA-2010-6
PMASA-2010-7
PMASA-2011-1
PMASA-2011-10
PMASA-2011-11
PMASA-2011-12
PMASA-2011-15
PMASA-2011-16
PMASA-2011-17
PMASA-2011-18
PMASA-2011-19
PMASA-2011-2
PMASA-2011-20
PMASA-2011-5
PMASA-2011-6
PMASA-2011-7
PMASA-2011-8
PMASA-2011-9
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|