Search...

Debian DSA-2139-1 : phpmyadmin - several vulnerabilities

2011-01-03T00:00:00

ID DEBIAN_DSA-2139.NASL
Type nessus
Reporter This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2011-01-03T00:00:00

Description

Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems :

CVE-2010-4329 Cross site scripting was possible in search, that allowed a remote attacker to inject arbitrary web script or HTML.

CVE-2010-4480 Cross site scripting was possible in errors, that allowed a remote attacker to inject arbitrary web script or HTML.

CVE-2010-4481 Display of PHP's phpinfo() function was available to world, but only if this functionality had been enabled (defaults to off). This may leak some information about the host system.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-2139. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(51401);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2010-4329", "CVE-2010-4480", "CVE-2010-4481");
  script_bugtraq_id(45100);
  script_xref(name:"DSA", value:"2139");

  script_name(english:"Debian DSA-2139-1 : phpmyadmin - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several vulnerabilities have been discovered in phpMyAdmin, a tool to
administer MySQL over the web. The Common Vulnerabilities and
Exposures project identifies the following problems :

  - CVE-2010-4329
    Cross site scripting was possible in search, that
    allowed a remote attacker to inject arbitrary web script
    or HTML.

  - CVE-2010-4480
    Cross site scripting was possible in errors, that
    allowed a remote attacker to inject arbitrary web script
    or HTML.

  - CVE-2010-4481
    Display of PHP's phpinfo() function was available to
    world, but only if this functionality had been enabled
    (defaults to off). This may leak some information about
    the host system."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2010-4329"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2010-4480"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2010-4481"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2010/dsa-2139"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the phpmyadmin package.

For the stable distribution (lenny), these problems have been fixed in
version 2.11.8.1-5+lenny7."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:phpmyadmin");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/12/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/03");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"5.0", prefix:"phpmyadmin", reference:"2.11.8.1-5+lenny7")) flag++;

if (flag)
{
  if (report_verbosity &gt; 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"id": "DEBIAN_DSA-2139.NASL", "bulletinFamily": "scanner", "title": "Debian DSA-2139-1 : phpmyadmin - several vulnerabilities", "description": "Several vulnerabilities have been discovered in phpMyAdmin, a tool to\nadminister MySQL over the web. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2010-4329\n Cross site scripting was possible in search, that\n allowed a remote attacker to inject arbitrary web script\n or HTML.\n\n - CVE-2010-4480\n Cross site scripting was possible in errors, that\n allowed a remote attacker to inject arbitrary web script\n or HTML.\n\n - CVE-2010-4481\n Display of PHP's phpinfo() function was available to\n world, but only if this functionality had been enabled\n (defaults to off). This may leak some information about\n the host system.", "published": "2011-01-03T00:00:00", "modified": "2011-01-03T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://www.tenable.com/plugins/nessus/51401", "reporter": "This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://security-tracker.debian.org/tracker/CVE-2010-4481", "https://security-tracker.debian.org/tracker/CVE-2010-4329", "https://security-tracker.debian.org/tracker/CVE-2010-4480", "https://www.debian.org/security/2010/dsa-2139"], "cvelist": ["CVE-2010-4480", "CVE-2010-4329", "CVE-2010-4481"], "type": "nessus", "lastseen": "2021-01-06T09:46:11", "edition": 27, "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-4480", "CVE-2010-4329", "CVE-2010-4481"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11328", "SECURITYVULNS:VULN:11274", "SECURITYVULNS:DOC:25228", "SECURITYVULNS:DOC:25426"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2139-1:FDD12"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231068980", "OPENVAS:862955", "OPENVAS:1361412562310801494", "OPENVAS:1361412562310801660", "OPENVAS:1361412562310831299", "OPENVAS:862963", "OPENVAS:831299", "OPENVAS:1361412562310862955", "OPENVAS:1361412562310862963", "OPENVAS:68980"]}, {"type": "nessus", "idList": ["FEDORA_2010-18343.NASL", "FEDORA_2011-3761.NASL", "PHPMYADMIN_PMASA_2010_9.NASL", "FEDORA_2011-3733.NASL", "FREEBSD_PKG_753F81855BA942A4BE023F55EE580093.NASL", "FEDORA_2011-3737.NASL", "FEDORA_2010-18371.NASL"]}, {"type": "fedora", "idList": ["FEDORA:C33B81111D2", "FEDORA:E8DA211066A", "FEDORA:AE678110DF3", "FEDORA:AF651110971", "FEDORA:C879D167A39"]}, {"type": "phpmyadmin", "idList": ["PHPMYADMIN:PMASA-2010-10", "PHPMYADMIN:PMASA-2010-9", "PHPMYADMIN:PMASA-2010-8"]}, {"type": "exploitdb", "idList": ["EDB-ID:15699"]}, {"type": "freebsd", "idList": ["753F8185-5BA9-42A4-BE02-3F55EE580093"]}, {"type": "seebug", "idList": ["SSV:20283"]}], "modified": "2021-01-06T09:46:11", "rev": 2}, "score": {"value": 6.8, "vector": "NONE", "modified": "2021-01-06T09:46:11", "rev": 2}, "vulnersScore": 6.8}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2139. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51401);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-4329\", \"CVE-2010-4480\", \"CVE-2010-4481\");\n script_bugtraq_id(45100);\n script_xref(name:\"DSA\", value:\"2139\");\n\n script_name(english:\"Debian DSA-2139-1 : phpmyadmin - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in phpMyAdmin, a tool to\nadminister MySQL over the web. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2010-4329\n Cross site scripting was possible in search, that\n allowed a remote attacker to inject arbitrary web script\n or HTML.\n\n - CVE-2010-4480\n Cross site scripting was possible in errors, that\n allowed a remote attacker to inject arbitrary web script\n or HTML.\n\n - CVE-2010-4481\n Display of PHP's phpinfo() function was available to\n world, but only if this functionality had been enabled\n (defaults to off). This may leak some information about\n the host system.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4329\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4480\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4481\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2139\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the phpmyadmin package.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.11.8.1-5+lenny7.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:phpmyadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"phpmyadmin\", reference:\"2.11.8.1-5+lenny7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "pluginID": "51401", "cpe": ["p-cpe:/a:debian:debian_linux:phpmyadmin", "cpe:/o:debian:debian_linux:5.0"], "scheme": null}

{"cve": [{"lastseen": "2020-10-03T11:57:31", "description": "error.php in PhpMyAdmin 3.3.8.1, and other versions before 3.4.0-beta1, allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted BBcode tag containing \"@\" characters, as demonstrated using \"[a@url@page]\".", "edition": 3, "cvss3": {}, "published": "2010-12-08T16:00:00", "title": "CVE-2010-4480", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4480"], "modified": "2011-01-28T05:00:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin:3.3.9.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.8.1"], "id": "CVE-2010-4480", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4480", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.8.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:34:44", "description": "phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to phpinfo.php, which calls the phpinfo function.", "edition": 5, "cvss3": {}, "published": "2010-12-17T19:00:00", "title": "CVE-2010-4481", "type": "cve", "cwe": ["CWE-287"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4481"], "modified": "2011-01-28T05:00:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin:3.3.2.0", "cpe:/a:phpmyadmin:phpmyadmin:3.1.4", "cpe:/a:phpmyadmin:phpmyadmin:3.1.0", "cpe:/a:phpmyadmin:phpmyadmin:3.1.3.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.5.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.9.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.6.0", "cpe:/a:phpmyadmin:phpmyadmin:3.1.3.2", "cpe:/a:phpmyadmin:phpmyadmin:2.11.1.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.1.2", "cpe:/a:phpmyadmin:phpmyadmin:3.3.1.0", "cpe:/a:phpmyadmin:phpmyadmin:3.2.0", "cpe:/a:phpmyadmin:phpmyadmin:3.0.1", "cpe:/a:phpmyadmin:phpmyadmin:2.11.9.6", "cpe:/a:phpmyadmin:phpmyadmin:3.1.2", "cpe:/a:phpmyadmin:phpmyadmin:2.11.10.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.7", "cpe:/a:phpmyadmin:phpmyadmin:2.11.9.5", "cpe:/a:phpmyadmin:phpmyadmin:2.11.7.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.2.2", "cpe:/a:phpmyadmin:phpmyadmin:3.3.4.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.4.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.5.2", "cpe:/a:phpmyadmin:phpmyadmin:2.11.7.1", "cpe:/a:phpmyadmin:phpmyadmin:3.1.1", "cpe:/a:phpmyadmin:phpmyadmin:3.0.1.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.8.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.8", "cpe:/a:phpmyadmin:phpmyadmin:3.3.6", "cpe:/a:phpmyadmin:phpmyadmin:2.11.9.2", "cpe:/a:phpmyadmin:phpmyadmin:2.11.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.5.1", "cpe:/a:phpmyadmin:phpmyadmin:2.11.9.4", "cpe:/a:phpmyadmin:phpmyadmin:3.3.5.1", "cpe:/a:phpmyadmin:phpmyadmin:2.11.1.1", "cpe:/a:phpmyadmin:phpmyadmin:2.11.9.3", "cpe:/a:phpmyadmin:phpmyadmin:3.3.0.0", "cpe:/a:phpmyadmin:phpmyadmin:3.2.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.3.0", "cpe:/a:phpmyadmin:phpmyadmin:3.0.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.2.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.9.1", "cpe:/a:phpmyadmin:phpmyadmin:2.11.8.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.3.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.10.1", "cpe:/a:phpmyadmin:phpmyadmin:2.11.2.1", "cpe:/a:phpmyadmin:phpmyadmin:2.11.9.0", "cpe:/a:phpmyadmin:phpmyadmin:3.2.2", "cpe:/a:phpmyadmin:phpmyadmin:3.1.5", "cpe:/a:phpmyadmin:phpmyadmin:3.1.3", "cpe:/a:phpmyadmin:phpmyadmin:2.11.5.0"], "id": "CVE-2010-4481", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4481", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:beta:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:57:31", "description": "Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton function in libraries/common.lib.php in the database (db) search script in phpMyAdmin 2.11.x before 2.11.11.1 and 3.x before 3.3.8.1 allows remote attackers to inject arbitrary web script or HTML via a crafted request.", "edition": 3, "cvss3": {}, "published": "2010-12-02T16:22:00", "title": "CVE-2010-4329", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4329"], "modified": "2011-01-28T05:00:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin:3.3.2.0", "cpe:/a:phpmyadmin:phpmyadmin:3.1.4", "cpe:/a:phpmyadmin:phpmyadmin:3.1.0", "cpe:/a:phpmyadmin:phpmyadmin:3.1.3.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.5.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.6.0", "cpe:/a:phpmyadmin:phpmyadmin:3.1.3.2", "cpe:/a:phpmyadmin:phpmyadmin:2.11.1.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.1.2", "cpe:/a:phpmyadmin:phpmyadmin:3.3.1.0", "cpe:/a:phpmyadmin:phpmyadmin:3.2.0", "cpe:/a:phpmyadmin:phpmyadmin:3.0.1", "cpe:/a:phpmyadmin:phpmyadmin:2.11.9.6", "cpe:/a:phpmyadmin:phpmyadmin:3.1.2", "cpe:/a:phpmyadmin:phpmyadmin:2.11.10.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.7", "cpe:/a:phpmyadmin:phpmyadmin:2.11.9.5", "cpe:/a:phpmyadmin:phpmyadmin:2.11.7.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.2.2", "cpe:/a:phpmyadmin:phpmyadmin:3.3.4.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.4.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.5.2", "cpe:/a:phpmyadmin:phpmyadmin:2.11.7.1", "cpe:/a:phpmyadmin:phpmyadmin:2.11.11", "cpe:/a:phpmyadmin:phpmyadmin:3.1.1", "cpe:/a:phpmyadmin:phpmyadmin:3.0.1.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.8", "cpe:/a:phpmyadmin:phpmyadmin:3.3.6", "cpe:/a:phpmyadmin:phpmyadmin:2.11.9.2", "cpe:/a:phpmyadmin:phpmyadmin:2.11.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.5.1", "cpe:/a:phpmyadmin:phpmyadmin:2.11.9.4", "cpe:/a:phpmyadmin:phpmyadmin:3.3.5.1", "cpe:/a:phpmyadmin:phpmyadmin:2.11.1.1", "cpe:/a:phpmyadmin:phpmyadmin:2.11.9.3", "cpe:/a:phpmyadmin:phpmyadmin:3.3.0.0", "cpe:/a:phpmyadmin:phpmyadmin:3.2.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.3.0", "cpe:/a:phpmyadmin:phpmyadmin:3.0.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.2.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.9.1", "cpe:/a:phpmyadmin:phpmyadmin:2.11.8.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.3.0", "cpe:/a:phpmyadmin:phpmyadmin:2.11.10.1", "cpe:/a:phpmyadmin:phpmyadmin:2.11.2.1", "cpe:/a:phpmyadmin:phpmyadmin:2.11.9.0", "cpe:/a:phpmyadmin:phpmyadmin:3.2.2", "cpe:/a:phpmyadmin:phpmyadmin:3.1.5", "cpe:/a:phpmyadmin:phpmyadmin:3.1.3", "cpe:/a:phpmyadmin:phpmyadmin:2.11.5.0"], "id": "CVE-2010-4329", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4329", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:beta:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.11:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:*:*:*:*:*:*:*"]}], "securityvulns": [{"lastseen": "2018-08-31T11:10:38", "bulletinFamily": "software", "cvelist": ["CVE-2010-4480", "CVE-2010-4329", "CVE-2010-4481"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2139-1 security@debian.org\r\nhttp://www.debian.org/security/ Thijs Kinkhorst\r\nDecember 31, 2010 http://www.debian.org/security/faq\r\n- ------------------------------------------------------------------------\r\n\r\nPackage : phpmyadmin\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2010-4329 CVE-2010-4480 CVE-2010-4481\r\n\r\nSeveral vulnerabilities have been discovered in phpMyAdmin, a tool\r\nto administer MySQL over the web. The Common Vulnerabilities and Exposures\r\nproject identifies the following problems:\r\n\r\nCVE-2010-4329\r\n\r\n Cross site scripting was possible in search, that allowed\r\n a remote attacker to inject arbitrary web script or HTML.\r\n\r\nCVE-2010-4480\r\n\r\n Cross site scripting was possible in errors, that allowed\r\n a remote attacker to inject arbitrary web script or HTML.\r\n\r\nCVE-2010-4481\r\n\r\n Display of PHP's phpinfo() function was available to world, but only\r\n if this functionality had been enabled (defaults to off). This may\r\n leak some information about the host system.\r\n\r\nFor the stable distribution (lenny), these problems have been fixed in\r\nversion 2.11.8.1-5+lenny7.\r\n\r\nFor the testing (squeeze) and unstable distribution (sid), these problems\r\nhave been fixed in version 3.3.7-3.\r\n\r\nWe recommend that you upgrade your phpmyadmin package.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niQEcBAEBAgAGBQJNHf0sAAoJEOxfUAG2iX57ulcIAL/G01SH84xfAQeKRarQSM+L\r\nJdOx/v9un204DK+N2Cj9qwI/oCY8gVoyISU1emufUgmsl5f0osADWpL6kv0gCaKk\r\nADXYs77K78/KDa3eixWMVMkspRxZBXA6TT6GkgSZYB14pF2krFOKXpUc3kk9dy3v\r\nI1qV9YnJhw/gXGn7XX6/Htnuu9aYqGc4+GcfFYW0j8FeJ8Og/VmgubkITvUyAHiR\r\nHE98xPwek8WhTXdsNsqpseraeaoscdizCbIfb2fHSaCJKZj+sY5eeVVOaqsG4RdV\r\nT34FuRRjsl0FrHEWSZK650cKcMvU3loAcCJnx94PTW5oqk7XDQihlInaoqEBlNY=\r\n=ZWgu\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2011-01-03T00:00:00", "published": "2011-01-03T00:00:00", "id": "SECURITYVULNS:DOC:25426", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25426", "title": "[SECURITY] [DSA 2139-1] New phpmyadmin packages fix several vulnerabilities", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:40", "bulletinFamily": "software", "cvelist": ["CVE-2010-4480", "CVE-2010-4329", "CVE-2010-4481"], "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "modified": "2011-01-03T00:00:00", "published": "2011-01-03T00:00:00", "id": "SECURITYVULNS:VULN:11328", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11328", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:38", "bulletinFamily": "software", "cvelist": ["CVE-2010-4329"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2010:244\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : phpmyadmin\r\n Date : November 30, 2010\r\n Affected: Corporate 4.0, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been found and corrected in phpmyadmin:\r\n \r\n It was possible to conduct a XSS attack using spoofed request on the\r\n db search script (CVE-2010-4329).\r\n \r\n This upgrade provides the latest phpmyadmin versions which is not\r\n vulnerable to this security issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4329\r\n http://www.phpmyadmin.net/home_page/security/PMASA-2010-8.php\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Corporate 4.0:\r\n 87bb4457e07c68c7eddee73bc942fdb1 corporate/4.0/i586/phpMyAdmin-2.11.11.1-0.1.20060mlcs4.noarch.rpm \r\n 013a296d2c2aa39a34b30b6d9e5f460c corporate/4.0/SRPMS/phpMyAdmin-2.11.11.1-0.1.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n 5c99ed5e8e313786e6f760076c81d2da corporate/4.0/x86_64/phpMyAdmin-2.11.11.1-0.1.20060mlcs4.noarch.rpm \r\n 013a296d2c2aa39a34b30b6d9e5f460c corporate/4.0/SRPMS/phpMyAdmin-2.11.11.1-0.1.20060mlcs4.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 70394e9ba0e8f350d6de2ca373dfd9b8 mes5/i586/phpmyadmin-3.3.8.1-0.1mdvmes5.1.noarch.rpm \r\n b656823ea2dca7d61eb6ba85c3900470 mes5/SRPMS/phpmyadmin-3.3.8.1-0.1mdvmes5.1.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n a3c6238fa1f3132a27a91aa503b6e2fc mes5/x86_64/phpmyadmin-3.3.8.1-0.1mdvmes5.1.noarch.rpm \r\n b656823ea2dca7d61eb6ba85c3900470 mes5/SRPMS/phpmyadmin-3.3.8.1-0.1mdvmes5.1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFM9MZBmqjQ0CJFipgRApUnAKDWTed6RtWZoUpy6VO0dea56dMivgCgjuzB\r\nQWpx1KX1wp8A2aQ6IUyyCTg=\r\n=+E4U\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2010-12-01T00:00:00", "published": "2010-12-01T00:00:00", "id": "SECURITYVULNS:DOC:25228", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25228", "title": "[ MDVSA-2010:244 ] phpmyadmin", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:39", "bulletinFamily": "software", "cvelist": ["CVE-2010-4283", "CVE-2010-4281", "CVE-2010-3449", "CVE-2010-4280", "CVE-2010-4329", "CVE-2010-4282", "CVE-2010-3266", "CVE-2010-3267", "CVE-2010-4278", "CVE-2010-4279"], "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "modified": "2010-12-01T00:00:00", "published": "2010-12-01T00:00:00", "id": "SECURITYVULNS:VULN:11274", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11274", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-08-12T01:00:55", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4480", "CVE-2010-4329", "CVE-2010-4481"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2139-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nDecember 31, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : phpmyadmin\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2010-4329 CVE-2010-4480 CVE-2010-4481\n\nSeveral vulnerabilities have been discovered in phpMyAdmin, a tool\nto administer MySQL over the web. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2010-4329\n\n Cross site scripting was possible in search, that allowed\n a remote attacker to inject arbitrary web script or HTML.\n\nCVE-2010-4480\n\n Cross site scripting was possible in errors, that allowed\n a remote attacker to inject arbitrary web script or HTML.\n\nCVE-2010-4481\n\n Display of PHP's phpinfo() function was available to world, but only\n if this functionality had been enabled (defaults to off). This may\n leak some information about the host system.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.11.8.1-5+lenny7.\n\nFor the testing (squeeze) and unstable distribution (sid), these problems\nhave been fixed in version 3.3.7-3.\n\nWe recommend that you upgrade your phpmyadmin package.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n\n", "edition": 6, "modified": "2010-12-31T15:57:43", "published": "2010-12-31T15:57:43", "id": "DEBIAN:DSA-2139-1:FDD12", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00190.html", "title": "[SECURITY] [DSA 2139-1] New phpmyadmin packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2017-07-24T12:55:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4480", "CVE-2010-4329", "CVE-2010-4481"], "description": "The remote host is missing an update to phpmyadmin\nannounced via advisory DSA 2139-1.", "modified": "2017-07-07T00:00:00", "published": "2011-03-07T00:00:00", "id": "OPENVAS:68980", "href": "http://plugins.openvas.org/nasl.php?oid=68980", "type": "openvas", "title": "Debian Security Advisory DSA 2139-1 (phpmyadmin)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2139_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2139-1 (phpmyadmin)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in phpMyAdmin, a tool\nto administer MySQL over the web. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2010-4329\n\nCross site scripting was possible in search, that allowed\na remote attacker to inject arbitrary web script or HTML.\n\nCVE-2010-4480\n\nCross site scripting was possible in errors, that allowed\na remote attacker to inject arbitrary web script or HTML.\n\nCVE-2010-4481\n\nDisplay of PHP's phpinfo() function was available to world, but only\nif this functionality had been enabled (defaults to off). This may\nleak some information about the host system.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.11.8.1-5+lenny7.\n\nFor the testing (squeeze) and unstable distribution (sid), these problems\nhave been fixed in version 3.3.7-3.\n\nWe recommend that you upgrade your phpmyadmin package.\";\ntag_summary = \"The remote host is missing an update to phpmyadmin\nannounced via advisory DSA 2139-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202139-1\";\n\n\nif(description)\n{\n script_id(68980);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 16:04:02 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2010-4329\", \"CVE-2010-4480\", \"CVE-2010-4481\");\n script_name(\"Debian Security Advisory DSA 2139-1 (phpmyadmin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"phpmyadmin\", ver:\"2.11.8.1-5+lenny7\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4480", "CVE-2010-4329", "CVE-2010-4481"], "description": "The remote host is missing an update to phpmyadmin\nannounced via advisory DSA 2139-1.", "modified": "2019-03-18T00:00:00", "published": "2011-03-07T00:00:00", "id": "OPENVAS:136141256231068980", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068980", "type": "openvas", "title": "Debian Security Advisory DSA 2139-1 (phpmyadmin)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2139_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2139-1 (phpmyadmin)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68980\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 16:04:02 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2010-4329\", \"CVE-2010-4480\", \"CVE-2010-4481\");\n script_name(\"Debian Security Advisory DSA 2139-1 (phpmyadmin)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB5\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202139-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in phpMyAdmin, a tool\nto administer MySQL over the web. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2010-4329\n\nCross site scripting was possible in search, that allowed\na remote attacker to inject arbitrary web script or HTML.\n\nCVE-2010-4480\n\nCross site scripting was possible in errors, that allowed\na remote attacker to inject arbitrary web script or HTML.\n\nCVE-2010-4481\n\nDisplay of PHP's phpinfo() function was available to world, but only\nif this functionality had been enabled (defaults to off). This may\nleak some information about the host system.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.11.8.1-5+lenny7.\n\nFor the testing (squeeze) and unstable distribution (sid), these problems\nhave been fixed in version 3.3.7-3.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your phpmyadmin package.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to phpmyadmin\nannounced via advisory DSA 2139-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"phpmyadmin\", ver:\"2.11.8.1-5+lenny7\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4480", "CVE-2010-4481"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-04-01T00:00:00", "id": "OPENVAS:1361412562310862963", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862963", "type": "openvas", "title": "Fedora Update for phpMyAdmin FEDORA-2011-3733", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for phpMyAdmin FEDORA-2011-3733\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/057007.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862963\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-01 15:34:04 +0200 (Fri, 01 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-3733\");\n script_cve_id(\"CVE-2010-4480\", \"CVE-2010-4481\");\n script_name(\"Fedora Update for phpMyAdmin FEDORA-2011-3733\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'phpMyAdmin'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"phpMyAdmin on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"phpMyAdmin\", rpm:\"phpMyAdmin~3.3.10~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-25T10:55:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4480", "CVE-2010-4481"], "description": "Check for the Version of phpMyAdmin", "modified": "2017-07-10T00:00:00", "published": "2011-04-01T00:00:00", "id": "OPENVAS:862963", "href": "http://plugins.openvas.org/nasl.php?oid=862963", "type": "openvas", "title": "Fedora Update for phpMyAdmin FEDORA-2011-3733", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for phpMyAdmin FEDORA-2011-3733\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"phpMyAdmin on Fedora 13\";\ntag_insight = \"phpMyAdmin is a tool written in PHP intended to handle the administration of\n MySQL over the Web. Currently it can create and drop databases,\n create/drop/alter tables, delete/edit/add fields, execute any SQL statement,\n manage keys on fields, manage privileges, export data into various formats and\n is available in over 55 languages.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/057007.html\");\n script_id(862963);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-01 15:34:04 +0200 (Fri, 01 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-3733\");\n script_cve_id(\"CVE-2010-4480\", \"CVE-2010-4481\");\n script_name(\"Fedora Update for phpMyAdmin FEDORA-2011-3733\");\n\n script_summary(\"Check for the Version of phpMyAdmin\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"phpMyAdmin\", rpm:\"phpMyAdmin~3.3.10~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-24T12:55:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4480", "CVE-2010-4481"], "description": "Check for the Version of phpmyadmin", "modified": "2017-07-06T00:00:00", "published": "2011-01-11T00:00:00", "id": "OPENVAS:831299", "href": "http://plugins.openvas.org/nasl.php?oid=831299", "type": "openvas", "title": "Mandriva Update for phpmyadmin MDVSA-2011:000 (phpmyadmin)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for phpmyadmin MDVSA-2011:000 (phpmyadmin)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in phpmyadmin:\n\n error.php in PhpMyAdmin 3.3.8.1 and earlier allows remote attackers\n to conduct cross-site scripting (XSS) attacks via a crafted BBcode\n tag containing @ characters, as demonstrated using [a@url@page]\n (CVE-2010-4480).\n \n phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass\n authentication and obtain sensitive information via a direct request\n to phpinfo.php, which calls the phpinfo function (CVE-2010-4481).\n \n This upgrade provides the latest phpmyadmin version for MES5 (3.3.9)\n and patches the version for CS4 to address these vulnerabilities.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"phpmyadmin on Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-01/msg00001.php\");\n script_id(831299);\n script_version(\"$Revision: 6565 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 14:56:06 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"MDVSA\", value: \"2011:000\");\n script_cve_id(\"CVE-2010-4480\", \"CVE-2010-4481\");\n script_name(\"Mandriva Update for phpmyadmin MDVSA-2011:000 (phpmyadmin)\");\n\n script_summary(\"Check for the Version of phpmyadmin\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"phpmyadmin\", rpm:\"phpmyadmin~3.3.9~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4480", "CVE-2010-4481"], "description": "The remote host is missing an update for the ", "modified": "2019-03-14T00:00:00", "published": "2011-01-11T00:00:00", "id": "OPENVAS:1361412562310831299", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831299", "type": "openvas", "title": "Mandriva Update for phpmyadmin MDVSA-2011:000 (phpmyadmin)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for phpmyadmin MDVSA-2011:000 (phpmyadmin)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-01/msg00001.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831299\");\n script_version(\"$Revision: 14188 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 15:14:02 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"MDVSA\", value:\"2011:000\");\n script_cve_id(\"CVE-2010-4480\", \"CVE-2010-4481\");\n script_name(\"Mandriva Update for phpmyadmin MDVSA-2011:000 (phpmyadmin)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'phpmyadmin'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_mes5\");\n script_tag(name:\"affected\", value:\"phpmyadmin on Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been found and corrected in phpmyadmin:\n\n error.php in PhpMyAdmin 3.3.8.1 and earlier allows remote attackers\n to conduct cross-site scripting (XSS) attacks via a crafted BBcode\n tag containing @ characters, as demonstrated using [a@url@page]\n (CVE-2010-4480).\n\n phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass\n authentication and obtain sensitive information via a direct request\n to phpinfo.php, which calls the phpinfo function (CVE-2010-4481).\n\n This upgrade provides the latest phpmyadmin version for MES5 (3.3.9)\n and patches the version for CS4 to address these vulnerabilities.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"phpmyadmin\", rpm:\"phpmyadmin~3.3.9~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-25T10:55:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4480", "CVE-2010-4481"], "description": "Check for the Version of phpMyAdmin", "modified": "2017-07-10T00:00:00", "published": "2011-04-01T00:00:00", "id": "OPENVAS:862955", "href": "http://plugins.openvas.org/nasl.php?oid=862955", "type": "openvas", "title": "Fedora Update for phpMyAdmin FEDORA-2011-3737", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for phpMyAdmin FEDORA-2011-3737\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"phpMyAdmin on Fedora 14\";\ntag_insight = \"phpMyAdmin is a tool written in PHP intended to handle the administration of\n MySQL over the Web. Currently it can create and drop databases,\n create/drop/alter tables, delete/edit/add fields, execute any SQL statement,\n manage keys on fields, manage privileges, export data into various formats and\n is available in over 55 languages.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/057005.html\");\n script_id(862955);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-01 15:34:04 +0200 (Fri, 01 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-3737\");\n script_cve_id(\"CVE-2010-4480\", \"CVE-2010-4481\");\n script_name(\"Fedora Update for phpMyAdmin FEDORA-2011-3737\");\n\n script_summary(\"Check for the Version of phpMyAdmin\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"phpMyAdmin\", rpm:\"phpMyAdmin~3.3.10~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4480", "CVE-2010-4481"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-04-01T00:00:00", "id": "OPENVAS:1361412562310862955", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862955", "type": "openvas", "title": "Fedora Update for phpMyAdmin FEDORA-2011-3737", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for phpMyAdmin FEDORA-2011-3737\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/057005.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862955\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-01 15:34:04 +0200 (Fri, 01 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-3737\");\n script_cve_id(\"CVE-2010-4480\", \"CVE-2010-4481\");\n script_name(\"Fedora Update for phpMyAdmin FEDORA-2011-3737\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'phpMyAdmin'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"phpMyAdmin on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"phpMyAdmin\", rpm:\"phpMyAdmin~3.3.10~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-12-06T16:46:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4481"], "description": "The host is running phpMyAdmin and is prone to security bypass\n vulnerability.", "modified": "2019-12-05T00:00:00", "published": "2010-12-27T00:00:00", "id": "OPENVAS:1361412562310801494", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801494", "type": "openvas", "title": "phpMyAdmin 'phpinfo.php' Security bypass Vulnerability", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# phpMyAdmin 'phpinfo.php' Security bypass Vulnerability\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\nCPE = \"cpe:/a:phpmyadmin:phpmyadmin\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801494\");\n script_version(\"2019-12-05T15:10:00+0000\");\n script_tag(name:\"last_modification\", value:\"2019-12-05 15:10:00 +0000 (Thu, 05 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2010-12-27 09:55:05 +0100 (Mon, 27 Dec 2010)\");\n script_cve_id(\"CVE-2010-4481\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"phpMyAdmin 'phpinfo.php' Security bypass Vulnerability\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/42485\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/3238\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/downloads.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2010-10.php\");\n\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_category(ACT_ATTACK);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_phpmyadmin_detect_900129.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"phpMyAdmin/installed\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let the unauthenticated attackers to display\n information related to PHP.\");\n script_tag(name:\"affected\", value:\"phpMyAdmin version prior to 3.4.0-beta1.\");\n script_tag(name:\"insight\", value:\"The flaw is caused by missing authentication in the 'phpinfo.php' script\n when 'PMA_MINIMUM_COMMON' is defined. This can be exploited to gain knowledge\n of sensitive information by requesting the file directly.\");\n script_tag(name:\"solution\", value:\"Upgrade to phpMyAdmin version 3.4.0-beta1 or later\");\n script_tag(name:\"summary\", value:\"The host is running phpMyAdmin and is prone to security bypass\n vulnerability.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\n\ninclude(\"http_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!port = get_app_port(cpe:CPE))exit(0);\n\nif(dir = get_app_location(cpe:CPE, port:port))exit(0);\n\nsndReq = http_get(item:string(dir, \"/phpinfo.php\"), port:port);\nrcvRes = http_send_recv(port:port, data:sndReq);\n\nif(\">Configuration<\" >< rcvRes && \">PHP Core<\" >< rcvRes &&\n \">Apache Environment<\" >< rcvRes)\n{\n security_message(port);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-12-06T16:46:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4480"], "description": "The host is running phpMyAdmin and is prone to Cross-Site\nScripting Vulnerability.", "modified": "2019-12-05T00:00:00", "published": "2010-12-13T00:00:00", "id": "OPENVAS:1361412562310801660", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801660", "type": "openvas", "title": "phpMyAdmin 'error.php' Cross Site Scripting Vulnerability", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# phpMyAdmin 'error.php' Cross Site Scripting Vulnerability\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\nCPE = \"cpe:/a:phpmyadmin:phpmyadmin\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801660\");\n script_version(\"2019-12-05T15:10:00+0000\");\n script_tag(name:\"last_modification\", value:\"2019-12-05 15:10:00 +0000 (Thu, 05 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2010-12-13 15:28:53 +0100 (Mon, 13 Dec 2010)\");\n script_cve_id(\"CVE-2010-4480\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"phpMyAdmin 'error.php' Cross Site Scripting Vulnerability\");\n script_xref(name:\"URL\", value:\"http://www.exploit-db.com/exploits/15699/\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2010/3133\");\n\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_category(ACT_ATTACK);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_phpmyadmin_detect_900129.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"phpMyAdmin/installed\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to inject arbitrary\nHTML code within the error page and conduct phishing attacks.\");\n script_tag(name:\"affected\", value:\"phpMyAdmin version 3.3.8.1 and prior.\");\n script_tag(name:\"insight\", value:\"The flaw is caused by input validation errors in the 'error.php'\nscript when processing crafted BBcode tags containing '@' characters, which\ncould allow attackers to inject arbitrary HTML code within the error page\nand conduct phishing attacks.\");\n script_tag(name:\"solution\", value:\"No known solution was made available for at least one year since the disclosure\n of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer\n release, disable respective features, remove the product or replace the product by another one.\");\n script_tag(name:\"summary\", value:\"The host is running phpMyAdmin and is prone to Cross-Site\nScripting Vulnerability.\");\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n exit(0);\n}\n\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\ninclude(\"host_details.inc\");\ninclude(\"misc_func.inc\");\n\nif(!port = get_app_port(cpe:CPE))exit(0);\n\nif(!dir = get_app_location(cpe:CPE, port:port))exit(0);\n\nvt_strings = get_vt_strings();\n\nurl = string(dir,\"/error.php?type=\",vt_strings[\"default\"],\"&error=Attack+via+\",\n \"characters+injection+-+[a%40http://www.\",vt_strings[\"lowercase\"],\".org%40_self]\",\n \"This%20Is%20a%20Link[%2Fa]\");\n\nif(http_vuln_check(port:port, url:url, pattern:'<h1>phpMyAdmin - ' + vt_strings[\"default\"] + '</h1>',\n extra_check: make_list('Attack via characters injection',\n '<a href=\"http://www.'+ vt_strings[\"lowercase\"] +'.org\" target=\"_self\">This Is a Link</a>')))\n{\n security_message(port);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4480", "CVE-2010-4481"], "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges, export data into various formats and is available in over 55 languages. ", "modified": "2011-03-29T19:52:43", "published": "2011-03-29T19:52:43", "id": "FEDORA:C33B81111D2", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: phpMyAdmin-3.3.10-1.fc14", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4480", "CVE-2010-4481"], "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges, export data into various formats and is available in over 55 languages. ", "modified": "2011-03-26T05:11:26", "published": "2011-03-26T05:11:26", "id": "FEDORA:E8DA211066A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: phpMyAdmin-3.3.10-1.fc15", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4480", "CVE-2010-4481"], "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges, export data into various formats and is available in over 55 languages. ", "modified": "2011-03-29T19:53:51", "published": "2011-03-29T19:53:51", "id": "FEDORA:C879D167A39", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: phpMyAdmin-3.3.10-1.fc13", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4329"], "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges, export data into various formats and is available in over 55 languages. ", "modified": "2010-12-08T21:34:18", "published": "2010-12-08T21:34:18", "id": "FEDORA:AF651110971", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: phpMyAdmin-3.3.8.1-1.fc14", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4329"], "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges, export data into various formats and is available in over 55 languages. ", "modified": "2010-12-08T21:36:02", "published": "2010-12-08T21:36:02", "id": "FEDORA:AE678110DF3", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: phpMyAdmin-3.3.8.1-1.fc13", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2021-01-12T10:09:29", "description": "Changes for 3.3.10.0 (2011-03-19)\n\n - [structure] Aria table size printed as unknown, thanks\n to erickoh75 - erickoh75\n\n - [structure] Ordering by size gives incorrect results,\n thanks to Madhura Jayaratne - madhuracj\n\n - [core] 0 row(s) affected\n\n - [core] Edit relational page and page number\n\n - [security] Minor security fixes, see PMASA-2010-9 and\n PMASA-2010-10\n\n - [lang] German update, thanks to jannicars at\n users.sourceforge.net.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2011-03-30T00:00:00", "title": "Fedora 13 : phpMyAdmin-3.3.10-1.fc13 (2011-3733)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4480", "CVE-2010-4481"], "modified": "2011-03-30T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:13", "p-cpe:/a:fedoraproject:fedora:phpMyAdmin"], "id": "FEDORA_2011-3733.NASL", "href": "https://www.tenable.com/plugins/nessus/53213", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-3733.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53213);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-4480\", \"CVE-2010-4481\");\n script_bugtraq_id(45633);\n script_xref(name:\"FEDORA\", value:\"2011-3733\");\n\n script_name(english:\"Fedora 13 : phpMyAdmin-3.3.10-1.fc13 (2011-3733)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Changes for 3.3.10.0 (2011-03-19)\n\n - [structure] Aria table size printed as unknown, thanks\n to erickoh75 - erickoh75\n\n - [structure] Ordering by size gives incorrect results,\n thanks to Madhura Jayaratne - madhuracj\n\n - [core] 0 row(s) affected\n\n - [core] Edit relational page and page number\n\n - [security] Minor security fixes, see PMASA-2010-9 and\n PMASA-2010-10\n\n - [lang] German update, thanks to jannicars at\n users.sourceforge.net.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=661335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=662366\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-March/057007.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ed89874b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"phpMyAdmin-3.3.10-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:09:29", "description": "Changes for 3.3.10.0 (2011-03-19)\n\n - [structure] Aria table size printed as unknown, thanks\n to erickoh75 - erickoh75\n\n - [structure] Ordering by size gives incorrect results,\n thanks to Madhura Jayaratne - madhuracj\n\n - [core] 0 row(s) affected\n\n - [core] Edit relational page and page number\n\n - [security] Minor security fixes, see PMASA-2010-9 and\n PMASA-2010-10\n\n - [lang] German update, thanks to jannicars at\n users.sourceforge.net.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2011-03-30T00:00:00", "title": "Fedora 14 : phpMyAdmin-3.3.10-1.fc14 (2011-3737)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4480", "CVE-2010-4481"], "modified": "2011-03-30T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:14", "p-cpe:/a:fedoraproject:fedora:phpMyAdmin"], "id": "FEDORA_2011-3737.NASL", "href": "https://www.tenable.com/plugins/nessus/53214", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-3737.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53214);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-4480\", \"CVE-2010-4481\");\n script_bugtraq_id(45633);\n script_xref(name:\"FEDORA\", value:\"2011-3737\");\n\n script_name(english:\"Fedora 14 : phpMyAdmin-3.3.10-1.fc14 (2011-3737)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Changes for 3.3.10.0 (2011-03-19)\n\n - [structure] Aria table size printed as unknown, thanks\n to erickoh75 - erickoh75\n\n - [structure] Ordering by size gives incorrect results,\n thanks to Madhura Jayaratne - madhuracj\n\n - [core] 0 row(s) affected\n\n - [core] Edit relational page and page number\n\n - [security] Minor security fixes, see PMASA-2010-9 and\n PMASA-2010-10\n\n - [lang] German update, thanks to jannicars at\n users.sourceforge.net.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=661335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=662366\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-March/057005.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?00806d5f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"phpMyAdmin-3.3.10-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:09:30", "description": "Changes for 3.3.10.0 (2011-03-19)\n\n - [structure] Aria table size printed as unknown, thanks\n to erickoh75 - erickoh75\n\n - [structure] Ordering by size gives incorrect results,\n thanks to Madhura Jayaratne - madhuracj\n\n - [core] 0 row(s) affected\n\n - [core] Edit relational page and page number\n\n - [security] Minor security fixes, see PMASA-2010-9 and\n PMASA-2010-10\n\n - [lang] German update, thanks to jannicars at\n users.sourceforge.net.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2011-03-27T00:00:00", "title": "Fedora 15 : phpMyAdmin-3.3.10-1.fc15 (2011-3761)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4480", "CVE-2010-4481"], "modified": "2011-03-27T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:15", "p-cpe:/a:fedoraproject:fedora:phpMyAdmin"], "id": "FEDORA_2011-3761.NASL", "href": "https://www.tenable.com/plugins/nessus/52984", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-3761.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(52984);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-4480\", \"CVE-2010-4481\");\n script_bugtraq_id(45633);\n script_xref(name:\"FEDORA\", value:\"2011-3761\");\n\n script_name(english:\"Fedora 15 : phpMyAdmin-3.3.10-1.fc15 (2011-3761)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Changes for 3.3.10.0 (2011-03-19)\n\n - [structure] Aria table size printed as unknown, thanks\n to erickoh75 - erickoh75\n\n - [structure] Ordering by size gives incorrect results,\n thanks to Madhura Jayaratne - madhuracj\n\n - [core] 0 row(s) affected\n\n - [core] Edit relational page and page number\n\n - [security] Minor security fixes, see PMASA-2010-9 and\n PMASA-2010-10\n\n - [lang] German update, thanks to jannicars at\n users.sourceforge.net.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=661335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=662366\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-March/056730.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?da9c18e4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"phpMyAdmin-3.3.10-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T04:54:58", "description": "The version of phpMyAdmin fails to validate BBcode tags in user input\nto the 'error' parameter of the 'error.php' script before using it to\ngenerate dynamic HTML.\n\nAn attacker may be able to leverage this issue to inject arbitrary\nHTML or script code into a user's browser to be executed within the\nsecurity context of the affected site. For example, this could be\nused to cause a page with arbitrary text and a link to an external\nsite to be displayed.", "edition": 25, "published": "2011-01-06T00:00:00", "title": "phpMyAdmin error.php BBcode Tag XSS (PMASA-2010-9)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4480"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin"], "id": "PHPMYADMIN_PMASA_2010_9.NASL", "href": "https://www.tenable.com/plugins/nessus/51425", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(51425);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/15 20:50:20\");\n\n script_cve_id(\"CVE-2010-4480\");\n script_bugtraq_id(45633);\n script_xref(name:\"EDB-ID\", value:\"15699\");\n\n script_name(english:\"phpMyAdmin error.php BBcode Tag XSS (PMASA-2010-9)\");\n script_summary(english:\"Tries to inject HTML\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote web server hosts a PHP script that is prone to a cross-\nsite scripting attack.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of phpMyAdmin fails to validate BBcode tags in user input\nto the 'error' parameter of the 'error.php' script before using it to\ngenerate dynamic HTML.\n\nAn attacker may be able to leverage this issue to inject arbitrary\nHTML or script code into a user's browser to be executed within the\nsecurity context of the affected site. For example, this could be\nused to cause a page with arbitrary text and a link to an external\nsite to be displayed.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.phpmyadmin.net/security/PMASA-2010-9/\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to phpMyAdmin 3.4.0-beta1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:phpmyadmin:phpmyadmin\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses : XSS\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"phpMyAdmin_detect.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_keys(\"www/phpMyAdmin\", \"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"url_func.inc\");\ninclude(\"webapp_func.inc\");\n\n\nport = get_http_port(default:80, php:TRUE, embedded:FALSE);\n\n\ninstall = get_install_from_kb(appname:\"phpMyAdmin\", port:port, exit_on_fail:TRUE);\ndir = install['dir'];\n\n\n# Try to exploit the issue.\nlink = 'https://www.phpmyadmin.net/security/PMASA-2010-9/';\ntext = 'Click here';\npayload = '[a@' + link + '@_self]' + text + '[/a]';\n\nvuln = test_cgi_xss(\n port : port,\n cgi : '/error.php',\n dirs : make_list(dir),\n qs : 'type='+SCRIPT_NAME+'&error='+urlencode(str:payload),\n pass_str : 'phpMyAdmin',\n pass2_re : '<a href=\"' + link + '\" target=\"_self\">' + text + '</a>'\n);\nif (!vuln) exit(0, \"The phpMyAdmin install at \"+build_url(port:port, qs:dir+'/')+\" is not affected.\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:08:25", "description": "Changes for 3.3.8.1 (2010-11-29)\n\n - [security] XSS on db search, see PMASA-2010-8\n\n -\n http://www.phpmyadmin.net/home_page/security/PMASA-201\n 0-8.php\n\n - CVE-2010-4329\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2010-12-09T00:00:00", "title": "Fedora 14 : phpMyAdmin-3.3.8.1-1.fc14 (2010-18343)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4329"], "modified": "2010-12-09T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:14", "p-cpe:/a:fedoraproject:fedora:phpMyAdmin"], "id": "FEDORA_2010-18343.NASL", "href": "https://www.tenable.com/plugins/nessus/51081", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-18343.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51081);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-4329\");\n script_bugtraq_id(45100);\n script_xref(name:\"FEDORA\", value:\"2010-18343\");\n\n script_name(english:\"Fedora 14 : phpMyAdmin-3.3.8.1-1.fc14 (2010-18343)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Changes for 3.3.8.1 (2010-11-29)\n\n - [security] XSS on db search, see PMASA-2010-8\n\n -\n http://www.phpmyadmin.net/home_page/security/PMASA-201\n 0-8.php\n\n - CVE-2010-4329\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.phpmyadmin.net/home_page/security/PMASA-2010-8.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2010-8/\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/051942.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4dd97623\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"phpMyAdmin-3.3.8.1-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:08:25", "description": "Changes for 3.3.8.1 (2010-11-29)\n\n - [security] XSS on db search, see PMASA-2010-8\n\n -\n http://www.phpmyadmin.net/home_page/security/PMASA-201\n 0-8.php\n\n - CVE-2010-4329\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2010-12-09T00:00:00", "title": "Fedora 13 : phpMyAdmin-3.3.8.1-1.fc13 (2010-18371)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4329"], "modified": "2010-12-09T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:13", "p-cpe:/a:fedoraproject:fedora:phpMyAdmin"], "id": "FEDORA_2010-18371.NASL", "href": "https://www.tenable.com/plugins/nessus/51082", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-18371.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51082);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-4329\");\n script_bugtraq_id(45100);\n script_xref(name:\"FEDORA\", value:\"2010-18371\");\n\n script_name(english:\"Fedora 13 : phpMyAdmin-3.3.8.1-1.fc13 (2010-18371)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Changes for 3.3.8.1 (2010-11-29)\n\n - [security] XSS on db search, see PMASA-2010-8\n\n -\n http://www.phpmyadmin.net/home_page/security/PMASA-201\n 0-8.php\n\n - CVE-2010-4329\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.phpmyadmin.net/home_page/security/PMASA-2010-8.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2010-8/\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/051956.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1e2b4838\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"phpMyAdmin-3.3.8.1-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-07T10:45:46", "description": "phpMyAdmin team reports :\n\nIt was possible to conduct a XSS attack using spoofed request on the\ndb search script.", "edition": 25, "published": "2010-11-30T00:00:00", "title": "FreeBSD : phpMyAdmin -- XSS attack in database search (753f8185-5ba9-42a4-be02-3f55ee580093)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4329"], "modified": "2010-11-30T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:phpMyAdmin", "p-cpe:/a:freebsd:freebsd:phpMyAdmin211"], "id": "FREEBSD_PKG_753F81855BA942A4BE023F55EE580093.NASL", "href": "https://www.tenable.com/plugins/nessus/50838", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50838);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-4329\");\n\n script_name(english:\"FreeBSD : phpMyAdmin -- XSS attack in database search (753f8185-5ba9-42a4-be02-3f55ee580093)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"phpMyAdmin team reports :\n\nIt was possible to conduct a XSS attack using spoofed request on the\ndb search script.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=152685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=152686\"\n );\n # http://www.phpmyadmin.net/home_page/security/PMASA-2010-8.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2010-8/\"\n );\n # https://vuxml.freebsd.org/freebsd/753f8185-5ba9-42a4-be02-3f55ee580093.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0088aa48\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:phpMyAdmin211\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"phpMyAdmin<3.3.8.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"phpMyAdmin211<2.11.11.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "phpmyadmin": [{"lastseen": "2019-05-29T17:20:12", "bulletinFamily": "software", "cvelist": ["CVE-2010-4481"], "description": "## PMASA-2010-10\n\n**Announcement-ID:** PMASA-2010-10\n\n**Date:** 2010-12-07\n\n**Updated:** 2010-02-16\n\n### Summary\n\nPossible information disclosure.\n\n### Description\n\nUnauthenticated user was able to display phpinfo output if phpMyAdmin was enabled to show it.\n\n### Severity\n\nThe issue is considered minor, because this feature is not enabled in default installation.\n\n### Mitigation factor\n\nDefault installation is not affected, because $$cfg['ShowPhpInfo'] is false by default.\n\n### Affected Versions\n\nAll versions prior to 3.4.0-beta1.\n\n### Solution\n\nUpgrade to phpMyAdmin 3.4.0-beta1 or newer or apply patch listed below. Due to its minor impact, a fix will be included in the next regular release which is 3.3.10.\n\n### References\n\nThis issue was reported by [J\u00f6rg Sommer](<mailto:joerg@alea.gnuu.de>).\n\nAssigned CVE ids: [CVE-2010-4481](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4481>)\n\nCWE ids: [CWE-661](<https://cwe.mitre.org/data/definitions/661.html>) [CWE-200](<https://cwe.mitre.org/data/definitions/200.html>)\n\n### Patches\n\nThe following commits have been made to fix this issue:\n\n * [4d9fd005671b05c4d74615d5939ed45e4d019e4c](<https://github.com/phpmyadmin/phpmyadmin/commit/4d9fd005671b05c4d74615d5939ed45e4d019e4c>)\n\nThe following commits have been made on the 2.11 branch to fix this issue:\n\n * [373a6626ade37c0fee1dfc7c757ca55c7652874b](<https://github.com/phpmyadmin/phpmyadmin/commit/373a6626ade37c0fee1dfc7c757ca55c7652874b>)\n\nThe following commits have been made on the 3.3 branch to fix this issue:\n\n * [8928900532d111e849362b6359571a3b079eb9ea](<https://github.com/phpmyadmin/phpmyadmin/commit/8928900532d111e849362b6359571a3b079eb9ea>)\n\n### More information\n\nFor further information and in case of questions, please contact the phpMyAdmin team. Our website is [ phpmyadmin.net](<https://www.phpmyadmin.net/>). \n", "edition": 2, "modified": "2010-02-16T00:00:00", "published": "2010-12-07T00:00:00", "id": "PHPMYADMIN:PMASA-2010-10", "href": "https://www.phpmyadmin.net/security/PMASA-2010-10/", "title": "Possible information disclosure.", "type": "phpmyadmin", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T17:20:05", "bulletinFamily": "software", "cvelist": ["CVE-2010-4480"], "description": "## PMASA-2010-9\n\n**Announcement-ID:** PMASA-2010-9\n\n**Date:** 2010-12-07\n\n**Updated:** 2010-02-16\n\n### Summary\n\nUnvalidated input on error page.\n\n### Description\n\nIt was possible to display arbitrary text and link to external site using parameters passed to particular script.\n\n### Severity\n\nThis issue is considered minor, because the only purpose of affected file is to display an error message.\n\n### Affected Versions\n\nAll versions prior to 3.4.0-beta1.\n\n### Solution\n\nUpgrade to phpMyAdmin 3.4.0-beta1 or newer or apply patch listed below. Due to its minor impact, a fix will be included in the next regular release which is 3.3.10.\n\n### References\n\nThis issue was reported by [Tiger Security Team](<http://www.exploit-db.com/exploits/15699/>).\n\nAssigned CVE ids: [CVE-2010-4480](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4480>)\n\nCWE ids: [CWE-661](<https://cwe.mitre.org/data/definitions/661.html>) [CWE-20](<https://cwe.mitre.org/data/definitions/20.html>)\n\n### Patches\n\nThe following commits have been made to fix this issue:\n\n * [aa6fec0532a9dd48d4e35831c1b1c9785c124dd7](<https://github.com/phpmyadmin/phpmyadmin/commit/aa6fec0532a9dd48d4e35831c1b1c9785c124dd7>)\n\nThe following commits have been made on the 2.11 branch to fix this issue:\n\n * [b01a58118f973f98ab99a4bb28d340af49fa251f](<https://github.com/phpmyadmin/phpmyadmin/commit/b01a58118f973f98ab99a4bb28d340af49fa251f>)\n\nThe following commits have been made on the 3.3 branch to fix this issue:\n\n * [9ebd401b0ea4efea8ddc8cd846da559bf420ccaa](<https://github.com/phpmyadmin/phpmyadmin/commit/9ebd401b0ea4efea8ddc8cd846da559bf420ccaa>)\n\n### More information\n\nFor further information and in case of questions, please contact the phpMyAdmin team. Our website is [ phpmyadmin.net](<https://www.phpmyadmin.net/>). \n", "edition": 2, "modified": "2010-02-16T00:00:00", "published": "2010-12-07T00:00:00", "id": "PHPMYADMIN:PMASA-2010-9", "href": "https://www.phpmyadmin.net/security/PMASA-2010-9/", "title": "Unvalidated input on error page.", "type": "phpmyadmin", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T17:20:10", "bulletinFamily": "software", "cvelist": ["CVE-2010-4329"], "description": "## PMASA-2010-8\n\n**Announcement-ID:** PMASA-2010-8\n\n**Date:** 2010-11-29\n\n### Summary\n\nXSS attack in database search.\n\n### Description\n\nIt was possible to conduct a XSS attack using spoofed request on the db search script.\n\n### Severity\n\nWe consider this vulnerability to be non critical.\n\n### Affected Versions\n\nFor 3.x: versions before 3.3.8.1 are affected. For 2.11.x: versions before 2.11.11.1 are affected.\n\n### Solution\n\nUpgrade to phpMyAdmin 3.3.8.1 or newer, or 2.11.11.1 if using the 2.11.x family. You can also apply the patch listed below.\n\n### References\n\nThanks to Alexander Opitz for reporting this issue.\n\nAssigned CVE ids: [CVE-2010-4329](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4329>)\n\nCWE ids: [CWE-661](<https://cwe.mitre.org/data/definitions/661.html>) [CWE-79](<https://cwe.mitre.org/data/definitions/79.html>)\n\n### Patches\n\nThe following commits have been made to fix this issue:\n\n * [4341818d73d454451f024950a4ce0141608ac7f8](<https://github.com/phpmyadmin/phpmyadmin/commit/4341818d73d454451f024950a4ce0141608ac7f8>)\n\nThe following commits have been made on the 2.11 branch to fix this issue:\n\n * [e1f4901ffc400b6d2df15eac0ba5015fe48a27c4](<https://github.com/phpmyadmin/phpmyadmin/commit/e1f4901ffc400b6d2df15eac0ba5015fe48a27c4>)\n\n### More information\n\nFor further information and in case of questions, please contact the phpMyAdmin team. Our website is [ phpmyadmin.net](<https://www.phpmyadmin.net/>). \n", "edition": 2, "modified": "2010-11-29T00:00:00", "published": "2010-11-29T00:00:00", "id": "PHPMYADMIN:PMASA-2010-8", "href": "https://www.phpmyadmin.net/security/PMASA-2010-8/", "title": "XSS attack in database search.", "type": "phpmyadmin", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "exploitdb": [{"lastseen": "2016-02-01T22:22:13", "description": "phpmyadmin 0day code injection. CVE-2010-4480. Webapps exploit for php platform", "published": "2010-12-06T00:00:00", "type": "exploitdb", "title": "PhpMyAdmin - Client Side Code Injection and Redirect Link Falsification 0day", "bulletinFamily": "exploit", "cvelist": ["CVE-2010-4480"], "modified": "2010-12-06T00:00:00", "id": "EDB-ID:15699", "href": "https://www.exploit-db.com/exploits/15699/", "sourceData": "PhpMyAdmin Client Side 0Day Code Injection and Redirect Link Falsification\r\n\r\nCredits:\r\n Emanuele 'emgent' Gentili <emgent@backtrack-linux.org>\r\n Marco 'white_sheep' Rondini <white_sheep@backtrack-linux.org>\r\n Alessandro 'scox' Scoscia <scox@backtrack.it>\r\n\r\n\r\nIn error.php, PhpMyAdmin permit to insert text and restricted tag, like BBCode.\r\nWith tag [a@url@page]Click Me[/a], you can insert your own page, and redirect all users.\r\nAvailable tags are:\r\n\r\n\r\n '[i]' => '', \r\n '[/i]' => '', \r\n '[em]' => '',\r\n '[/em]' => '',\r\n '[b]' => '', \r\n '[/b]' => '', \r\n '[strong]' => '',\r\n '[/strong]' => '',\r\n '[tt]' => '<code>', \r\n '[/tt]' => '</code>', \r\n '[code]' => '<code>',\r\n '[/code]' => '</code>',\r\n '[kbd]' => '<kbd>',\r\n '[/kbd]' => '</kbd>',\r\n '[br]' => ' ',\r\n '[/a]' => '</a>',\r\n '[sup]' => '',\r\n '[/sup]' => '',\r\n\r\n and replace '/\\[a@([^\"@]*)@([^]\"]*)\\]/' with '<a href=\"\\1\" target=\"\\2\">'\r\n\r\n\r\nPOC:\r\n\r\nhttp://127.0.0.1/phpmyadmin/error.php?type=This+is+a+client+side+hole+evidence&error=Client+side+attack+via+characters+injection[br]It%27s+possible+use+some+special+tags+too[br]Found+by+Tiger+Security+Tiger+Team+-+[a%40http://www.tigersecurity.it%40_self]This%20Is%20a%20Link[%2Fa]\r\n\r\n\r\nOWASP Reference:\r\n\r\nhttp://www.owasp.org/index.php/Unvalidated_Input", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/15699/"}], "seebug": [{"lastseen": "2017-11-19T18:07:10", "description": "BUGTRAQ ID: 45100\r\nCVE ID: CVE-2010-4329\r\n\r\nphpMyAdmin\u662f\u7528PHP\u7f16\u5199\u7684\u5de5\u5177\uff0c\u7528\u4e8e\u901a\u8fc7WEB\u7ba1\u7406MySQL\u3002\r\n\r\nphpMyAdmin\u7531\u4e8e\u672a\u6709\u6548\u8fc7\u6ee4\u7528\u6237\u63d0\u4f9b\u7684\u6570\u636e\uff0c\u6240\u4ee5\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u5728\u5176\u4ed6\u8bbf\u95ee\u7f51\u7ad9\u7684\u7528\u6237\u7684\u6d4f\u89c8\u5668\u4e2d\u6267\u884c\u4efb\u610f\u811a\u672c\u4ee3\u7801\uff0c\u4ece\u800c\u7a83\u53d6\u57fa\u4e8eCookie\u7684\u9a8c\u8bc1\u51ed\u636e\uff0c\u53d1\u52a8\u5176\u4ed6\u653b\u51fb\u3002\n\nMandrakeSoft Corporate Server 4.0 x86_64\r\nMandrakeSoft Corporate Server 4.0\r\nphpMyAdmin phpMyAdmin 2.11 - 3.3.6\r\nMandrakeSoft Enterprise Server 5 x86_64\r\nMandrakeSoft Enterprise Server 5\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMandrakeSoft\r\n------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.linux-mandrake.com/en/security/", "published": "2010-12-09T00:00:00", "type": "seebug", "title": "phpMyAdmin\u6570\u636e\u5e93\u641c\u7d22\u8de8\u7ad9\u811a\u672c\u6267\u884c\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2010-4329"], "modified": "2010-12-09T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20283", "id": "SSV:20283", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:03", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4329"], "description": "\nphpMyAdmin team reports:\n\nIt was possible to conduct a XSS attack using spoofed request on the\n\t db search script.\n\n", "edition": 4, "modified": "2010-11-29T00:00:00", "published": "2010-11-29T00:00:00", "id": "753F8185-5BA9-42A4-BE02-3F55EE580093", "href": "https://vuxml.freebsd.org/freebsd/753f8185-5ba9-42a4-be02-3f55ee580093.html", "title": "phpMyAdmin -- XSS attack in database search", "type": "freebsd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}]}