Lucene search

K
archlinuxArch LinuxASA-201606-25
HistoryJun 25, 2016 - 12:00 a.m.

phpmyadmin: multiple issues

2016-06-2500:00:00
Arch Linux
lists.archlinux.org
24

EPSS

0.028

Percentile

90.7%

  • CVE-2016-5702 (cookie attribute injection)

A vulnerability was found where, under some circumstances, an attacker
can inject arbitrary values in the browser cookies.
Only affected when PHP_SELF is not set.

  • CVE-2016-5703 (SQL injection)

A vulnerability was discovered that allows an SQL injection attack to
run arbitrary commands as the control user.

This attack requires a controluser to exist and be configured in
config.inc.php, therefore the attack can be mitigated by temporarily
disabling the controluser.

  • CVE-2016-5704 (cross-side scripting)

An cross-side scripting vulnerability was discovered on the table
structure page

  • CVE-2016-5705 (cross-side scripting)
  • An cross-side scripting vulnerability was discovered on the user
    privileges page.
  • An cross-side scripting vulnerability was discovered in the error
    console.
  • An cross-side scripting vulnerability was discovered in the central
    columns feature.
  • An cross-side scripting vulnerability was discovered in the
    query bookmarks feature.
  • An cross-side scripting vulnerability was discovered in the user
    groups feature.
  • CVE-2016-5706 (denial of service)

A Denial Of Service (DOS) attack was discovered in the way phpMyAdmin
loads some JavaScript files.

  • CVE-2016-5730 (information disclosure)

By specially crafting requests in the following areas, it is possible
to trigger phpMyAdmin to display a PHP error message which contains the
full path of the directory where phpMyAdmin is installed.

  1. Setup script 2. Example OpenID authentication script

To mitigate these issues, it is possible to remove the setup script and
examples subdirectories: ./setup/ and ./examples/.

  • CVE-2016-5731 (cross-side scripting)

With a specially crafted request, it is possible to trigger an
cross-side scripting attack through the example OpenID authentication
script.
Only affected when the default php.ini is changed and set html_errors = Off.

  • CVE-2016-5732 (cross-side scripting)

A vulnerability was reported allowing a specially crafted table
parameters to cause an cross-side scripting attack through the table
structure page.

  • CVE-2016-57033 (cross-side scripting)
  • A vulnerability was reported allowing a specially crafted table name
    to cause an cross-side scripting attack through the functionality to
    check database privileges.
  • This cross-side scripting doesn’t exist in some translations due to
    different quotes being used there (eg. Czech).
  • A vulnerability was reported allowing a specifically-configured
    MySQL server to execute an cross-side scripting attack. This
    particular attack requires configuring the MySQL server log_bin
    directive with the payload.
  • Several cross-side scripting vulnerabilities were found with the
    Transformation feature
  • Several cross-side scripting vulnerabilities were found in AJAX error
    handling
  • Several cross-side scripting vulnerabilities were found in the
    Designer feature
  • An cross-side scripting vulnerability was found in the charts feature
  • An cross-side scripting vulnerability was found in the zoom search
    feature
  • CVE-2016-5739 (information disclosure)

A vulnerability was reported where a specially crafted Transformation
could be used to leak information including the authentication token.
This could be used to direct a CSRF attack against a user.

OSVersionArchitecturePackageVersionFilename
anyanyanyphpmyadmin< 4.6.3-1UNKNOWN

References