Lucene search
This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.SUSE_SA_2006_071.NASLHistoryFeb 18, 2007 - 12:00 a.m.
SUSE-SA:2006:071: phpMyAdmin
2007-02-1800:00:00
This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.
www.tenable.com
23
The remote host is missing the patch for the advisory SUSE-SA:2006:071 (phpMyAdmin).
The phpMyAdmin package was upgraded to version 2.9.1.1.
While we usually do not do version upgrades, fixing the occurring security problems of phpMyAdmin got too difficult so we decided to go with the current upstream version.
This release includes fixes for the previously not fixed security problems tracked by the Mitre CVE IDs CVE-2006-3388, CVE-2006-5116, CVE-2006-5117, and CVE-2006-5718 and of course all other bugs fixed in 2.9.1.1.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2006:071
#
if ( ! defined_func("bn_random") ) exit(0);
include('deprecated_nasl_level.inc');
include('compat.inc');
if(description)
{
script_id(24448);
script_version("1.10");
name["english"] = "SUSE-SA:2006:071: phpMyAdmin";
script_name(english:name["english"]);
script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a vendor-supplied security patch" );
script_set_attribute(attribute:"description", value:
"The remote host is missing the patch for the advisory SUSE-SA:2006:071 (phpMyAdmin).
The phpMyAdmin package was upgraded to version 2.9.1.1.
While we usually do not do version upgrades, fixing the occurring
security problems of phpMyAdmin got too difficult so we decided to
go with the current upstream version.
This release includes fixes for the previously not fixed security problems
tracked by the Mitre CVE IDs CVE-2006-3388, CVE-2006-5116, CVE-2006-5117,
and CVE-2006-5718 and of course all other bugs fixed in 2.9.1.1." );
script_set_attribute(attribute:"solution", value:
"http://www.novell.com/linux/security/advisories/2006_71_phpmyadmin.html" );
script_set_attribute(attribute:"risk_factor", value:"High" );
script_set_attribute(attribute:"plugin_publication_date", value: "2007/02/18");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_end_attributes();
summary["english"] = "Check for the version of the phpMyAdmin package";
script_summary(english:summary["english"]);
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.");
family["english"] = "SuSE Local Security Checks";
script_family(english:family["english"]);
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/SuSE/rpm-list");
exit(0);
}
include("rpm.inc");
if ( rpm_check( reference:"phpMyAdmin-2.9.1.1-2.1", release:"SUSE10.0") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"phpMyAdmin-2.9.1.1-2.1", release:"SUSE9.3") )
{
security_hole(0);
exit(0);
}
Related
nessus
nessus
openSUSE 10 Security Update : phpMyAdmin (phpMyAdmin-2300)
2007-10-17 00:00:00
phpMyAdmin < 2.9.1-rc1 Multiple Vulnerabilities
2006-09-28 00:00:00
suse
suse
cross site scripting in phpMyAdmin
2006-11-24 14:27:09
openvas
openvas
FreeBSD Ports: phpMyAdmin
2008-09-04 00:00:00
FreeBSD Ports: phpMyAdmin
2008-09-04 00:00:00
FreeBSD Ports: phpmyadmin
2008-09-04 00:00:00
freebsd
freebsd
phpmyadmin -- XSRF vulnerabilities
2006-09-28 00:00:00
ubuntucve
ubuntucve
cve
cve
phpmyadmin
phpmyadmin
XSS vulnerability
2006-11-01 00:00:00
XSS vulnerability
2006-06-30 00:00:00
XSRF (Cross Site Request Forgery) vulnerabilities
2006-10-01 00:00:00
debiancve
debiancve
osv
osv
phpmyadmin
2006-11-09 00:00:00
debian
debian
[SECURITY] [DSA 1207-2] New phpmyadmin packages fix regression
2006-11-19 12:55:33
[SECURITY] [DSA 1207-1] New phpmyadmin packages fix several vulnerabilities
2006-11-09 18:00:21
Related for SUSE_SA_2006_071.NASL