Lucene search

K
debianDebianDEBIAN:DLA-1821-1:AF0F6
HistoryJun 17, 2019 - 8:41 p.m.

[SECURITY] [DLA 1821-1] phpmyadmin security update

2019-06-1720:41:59
lists.debian.org
139

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

Low

EPSS

0.012

Percentile

85.6%

Package : phpmyadmin
Version : 4:4.2.12-2+deb8u6
CVE ID : CVE-2016-6606 CVE-2016-6607 CVE-2016-6611 CVE-2016-6612
CVE-2016-6613 CVE-2016-6624 CVE-2016-6626 CVE-2016-6627
CVE-2016-6628 CVE-2016-6630 CVE-2016-6631 CVE-2016-6632
CVE-2016-9849 CVE-2016-9850 CVE-2016-9861 CVE-2016-9864
CVE-2019-12616
Debian Bug : 930017

Multiple security vulnerabilities were fixed in phpmyadmin, a MySQL web
administration tool, which prevent possible SQL injection attacks, CSRF,
the bypass of user restrictions, information disclosure or
denial-of-service.

For Debian 8 "Jessie", these problems have been fixed in version
4:4.2.12-2+deb8u6.

We recommend that you upgrade your phpmyadmin packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

Low

EPSS

0.012

Percentile

85.6%