Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.FEDORA_2016-7FC142DA66.NASL
HistoryDec 08, 2016 - 12:00 a.m.

Fedora 23 : phpMyAdmin (2016-7fc142da66)

2016-12-0800:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
31
JSON

phpMyAdmin 4.6.5.1 (2016-11-26) ===============================

A patch-level release fixing two small issues :

  • an issue affecting a small number of users using $cfg[‘Servers’][$i][‘hide_db’] or $cfg[‘Servers’][$i][‘only_db’].

  • an issue affecting the create table dialog where the partition selection tool was overzealous and made it difficult to create a new table.

There are also minor improvements to the Czech language file.

phpMyAdmin 4.6.5 (2016-11-25) =============================

A release containing security fixes and bug fixes. Aside from the security improvements, many bugs have been fixed including :

  • Fix for expanding in navigation pane

  • Reintroduced a simplified version of PmaAbsoluteUri directive (needed with reverse proxies)

  • Fix editing of ENUM/SET/DECIMAL field structures

  • Improvements to the parser

And many, many more. Please see the ChangeLog for full details of bugs fixes.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory FEDORA-2016-7fc142da66.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(95613);
  script_version("3.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2016-4412");
  script_xref(name:"FEDORA", value:"2016-7fc142da66");

  script_name(english:"Fedora 23 : phpMyAdmin (2016-7fc142da66)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"phpMyAdmin 4.6.5.1 (2016-11-26) ===============================

A patch-level release fixing two small issues :

  - an issue affecting a small number of users using
    $cfg['Servers'][$i]['hide_db'] or
    $cfg['Servers'][$i]['only_db'].

  - an issue affecting the create table dialog where the
    partition selection tool was overzealous and made it
    difficult to create a new table.

There are also minor improvements to the Czech language file.

phpMyAdmin 4.6.5 (2016-11-25) =============================

A release containing security fixes and bug fixes. Aside from the
security improvements, many bugs have been fixed including :

  - Fix for expanding in navigation pane

  - Reintroduced a simplified version of PmaAbsoluteUri
    directive (needed with reverse proxies)

  - Fix editing of ENUM/SET/DECIMAL field structures

  - Improvements to the parser

And many, many more. Please see the ChangeLog for full details of bugs
fixes.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bodhi.fedoraproject.org/updates/FEDORA-2016-7fc142da66"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected phpMyAdmin package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:P/I:P/A:N");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:phpMyAdmin");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:23");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/12/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/12/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/12/08");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! preg(pattern:"^23([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 23", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);


flag = 0;
if (rpm_check(release:"FC23", reference:"phpMyAdmin-4.6.5.1-2.fc23")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_NOTE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "phpMyAdmin");
}
VendorProductVersionCPE
fedoraprojectfedoraphpmyadminp-cpe:/a:fedoraproject:fedora:phpmyadmin
fedoraprojectfedora23cpe:/o:fedoraproject:fedora:23

Related

phpmyadmin 1
prion 1
fedora 3
openvas 6
cve 1
ubuntucve 1
nessus 5
debiancve 1
freebsd 1
osv 1
debian 1
gentoo 1
phpmyadmin
phpmyadmin
Open redirection
2016-11-25 00:00:00
prion
prion
Authentication flaw
2016-12-11 02:59:00
fedora
fedora
[SECURITY] Fedora 23 Update: phpMyAdmin-4.6.5.1-2.fc23
2016-12-08 03:20:57
[SECURITY] Fedora 24 Update: phpMyAdmin-4.6.5.1-2.fc24
2016-12-10 00:29:10
[SECURITY] Fedora 25 Update: phpMyAdmin-4.6.5.1-2.fc25
2016-12-04 16:54:20
openvas
openvas
Fedora Update for phpMyAdmin FEDORA-2016-7fc142da66
2016-12-08 00:00:00
Fedora Update for phpMyAdmin FEDORA-2016-6576a8536b
2016-12-07 00:00:00
Fedora Update for phpMyAdmin FEDORA-2016-2424eeca35
2016-12-10 00:00:00
cve
cve
CVE-2016-4412
2016-12-11 02:59:00
ubuntucve
ubuntucve
CVE-2016-4412
2016-12-11 00:00:00
nessus
nessus
Fedora 25 : phpMyAdmin (2016-6576a8536b)
2016-12-05 00:00:00
Fedora 24 : phpMyAdmin (2016-2424eeca35)
2016-12-12 00:00:00
FreeBSD : phpMyAdmin -- multiple vulnerabilities (6fe72178-b2e3-11e6-8b2a-6805ca0b3d42)
2016-11-28 00:00:00
debiancve
debiancve
CVE-2016-4412
2016-12-11 02:59:00
freebsd
freebsd
phpMyAdmin -- multiple vulnerabilities
2016-11-25 00:00:00
osv
osv
phpmyadmin - security update
2016-12-24 00:00:00
debian
debian
[SECURITY] [DLA 757-1] phpmyadmin security update
2016-12-24 22:29:29
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2017-01-11 00:00:00
JSON
Related for FEDORA_2016-7FC142DA66.NASL
phpmyadmin1prion1fedora3openvas6cve1ubuntucve1nessus5debiancve1freebsd1osv1debian1gentoo1