Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2023-0047-1.NASLHistoryFeb 16, 2023 - 12:00 a.m.
openSUSE 15 Security Update : phpMyAdmin (openSUSE-SU-2023:0047-1)
2023-02-1600:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0047-1 advisory.
-
PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section.
(CVE-2022-0813) -
An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2. A valid user who is already authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future login instances. (CVE-2022-23807)
-
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection. (CVE-2022-23808)
-
In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface. (CVE-2023-25727)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# openSUSE Security Update openSUSE-SU-2023:0047-1. The text itself
# is copyright (C) SUSE.
##
include('compat.inc');
if (description)
{
script_id(171533);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/02/16");
script_cve_id(
"CVE-2022-0813",
"CVE-2022-23807",
"CVE-2022-23808",
"CVE-2023-25727"
);
script_name(english:"openSUSE 15 Security Update : phpMyAdmin (openSUSE-SU-2023:0047-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the
openSUSE-SU-2023:0047-1 advisory.
- PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating
invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section.
(CVE-2022-0813)
- An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2. A valid user who is already
authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future
login instances. (CVE-2022-23807)
- An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects
of the setup script, which can allow XSS or HTML injection. (CVE-2022-23808)
- In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a
crafted .sql file through the drag-and-drop interface. (CVE-2023-25727)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1195017");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1195018");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1197036");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208186");
# https://lists.opensuse.org/archives/list/[email protected]/thread/VQ5VVS2CGDQ32RHYLQQZFFFADPEZO6KM/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1e7d15d9");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-0813");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-23807");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-23808");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-25727");
script_set_attribute(attribute:"solution", value:
"Update the affected phpMyAdmin, phpMyAdmin-apache and / or phpMyAdmin-lang packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-0813");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/01/10");
script_set_attribute(attribute:"patch_publication_date", value:"2023/02/15");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/02/16");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:phpMyAdmin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:phpMyAdmin-apache");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:phpMyAdmin-lang");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.4");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/SuSE/release');
if (isnull(os_release) || os_release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, 'openSUSE');
var _os_ver = pregmatch(pattern: "^SUSE([\d.]+)", string:os_release);
if (isnull(_os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');
_os_ver = _os_ver[1];
if (os_release !~ "^(SUSE15\.4)$") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.4', os_release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + _os_ver, cpu);
var pkgs = [
{'reference':'phpMyAdmin-5.2.1-bp154.2.3.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE},
{'reference':'phpMyAdmin-apache-5.2.1-bp154.2.3.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE},
{'reference':'phpMyAdmin-lang-5.2.1-bp154.2.3.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var _cpu = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (rpm_check(release:_release, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'phpMyAdmin / phpMyAdmin-apache / phpMyAdmin-lang');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | phpmyadmin | p-cpe:/a:novell:opensuse:phpmyadmin |
| novell | opensuse | phpmyadmin-apache | p-cpe:/a:novell:opensuse:phpmyadmin-apache |
| novell | opensuse | phpmyadmin-lang | p-cpe:/a:novell:opensuse:phpmyadmin-lang |
| novell | opensuse | 15.4 | cpe:/o:novell:opensuse:15.4 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0813
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23807
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23808
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25727
www.nessus.org/u?1e7d15d9
bugzilla.suse.com/1195017
bugzilla.suse.com/1195018
bugzilla.suse.com/1197036
bugzilla.suse.com/1208186
www.suse.com/security/cve/CVE-2022-0813
www.suse.com/security/cve/CVE-2022-23807
www.suse.com/security/cve/CVE-2022-23808
www.suse.com/security/cve/CVE-2023-25727
Related
openvas
openvas
openSUSE: Security Advisory for phpMyAdmin (openSUSE-SU-2023:0047-1)
2024-03-04 00:00:00
Fedora: Security Advisory for phpMyAdmin (FEDORA-2022-914fa8641a)
2022-02-02 00:00:00
Mageia: Security Advisory (MGASA-2022-0036)
2022-01-28 00:00:00
gentoo
gentoo
phpMyAdmin: Multiple Vulnerabilities
2023-11-26 00:00:00
nessus
nessus
GLSA-202311-17 : phpMyAdmin: Multiple Vulnerabilities
2023-11-26 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: phpMyAdmin-5.1.2-1.fc34
2022-02-02 01:16:00
[SECURITY] Fedora 35 Update: phpMyAdmin-5.1.2-1.fc35
2022-02-02 01:26:06
mageia
mageia
Updated phpmyadmin packages fix security vulnerability
2022-01-25 15:13:11
github
github
Cross-site Scripting in phpmyadmin
2022-01-28 22:36:28
Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin
2023-02-13 06:30:59
Improper Authentication in phpmyadmin
2022-01-28 22:44:40
phpmyadmin
phpmyadmin
XSS vulnerability in drag-and-drop upload
2023-02-07 00:00:00
Multiple XSS and HTML injection attacks in setup script
2022-01-10 00:00:00
Two factor authentication bypass
2022-01-10 00:00:00
osv
osv
Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin
2023-02-13 06:30:59
CVE-2023-25727
2023-02-13 06:15:11
BIT-phpmyadmin-2023-25727
2024-03-06 11:01:27
veracode
veracode
Cross-site Scripting (XSS)
2023-02-22 07:42:04
Cross-Site Scripting (XSS)
2022-01-23 17:39:14
Cross-Site Scripting (XSS)
2022-01-24 08:39:57
debiancve
debiancve
cve
cve
ubuntucve
ubuntucve
prion
prion
Information disclosure
2023-02-13 06:15:00
Design/Logic Flaw
2022-01-22 02:15:00
Authentication flaw
2022-01-22 02:15:00
cnvd
cnvd
phpMyAdmin Cross-Site Scripting Vulnerability (CNVD-2022-08031)
2022-01-25 00:00:00
phpMyAdmin authorization problem vulnerability
2022-01-25 00:00:00
githubexploit
githubexploit
Exploit for Cross-site Scripting in Phpmyadmin
2022-02-01 17:02:03
alpinelinux
alpinelinux
CVE-2022-23808
2022-01-22 02:15:00
CVE-2022-23807
2022-01-22 02:15:00
nuclei
nuclei
phpMyAdmin < 5.1.2 - Cross-Site Scripting
2022-02-14 11:43:04
redos
redos
ROS-20220323-01
2022-03-23 00:00:00
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
Related for OPENSUSE-2023-0047-1.NASL