ID OPENVAS:1361412562310807080 Type openvas Reporter Copyright (C) 2016 Greenbone Networks GmbH Modified 2020-05-08T00:00:00
Description
This host is installed with phpMyAdmin
and is prone to multiple vulnerabilities.
###############################################################################
# OpenVAS Vulnerability Test
#
# phpMyAdmin Multiple Vulnerabilities -01 Feb16
#
# Authors:
# Rinu Kuriakose <krinu@secpod.com>
#
# Copyright:
# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
CPE = "cpe:/a:phpmyadmin:phpmyadmin";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.807080");
script_version("2020-05-08T08:34:44+0000");
script_cve_id("CVE-2016-2038", "CVE-2016-2039", "CVE-2016-2040", "CVE-2016-2041",
"CVE-2016-1927");
script_bugtraq_id(82075, 81210, 82077, 82084, 82076);
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"last_modification", value:"2020-05-08 08:34:44 +0000 (Fri, 08 May 2020)");
script_tag(name:"creation_date", value:"2016-02-23 10:17:05 +0530 (Tue, 23 Feb 2016)");
script_tag(name:"qod_type", value:"remote_active");
script_name("phpMyAdmin Multiple Vulnerabilities -01 Feb16");
script_tag(name:"summary", value:"This host is installed with phpMyAdmin
and is prone to multiple vulnerabilities.");
script_tag(name:"vuldetect", value:"Send a crafted request via HTTP GET and
check whether it is able to obtain sensitive information or not.");
script_tag(name:"insight", value:"Multiple flaws are due to,
- The recommended setting of the PHP configuration directive display_errors is
set to on, which is against the recommendations given in the PHP manual
for a production server.
- The XSRF/CSRF token is generated with a weak algorithm using functions
that do not return cryptographically secure values.
- An insufficient validation of user supplied input via parameters
table name, SET value, hostname header and search query.
- The password suggestion functionality uses 'Math.random' function which does
not provide cryptographically secure random numbers.
- The 'libraries/common.inc.php' script does not use a constant-time algorithm
for comparing CSRF tokens.");
script_tag(name:"impact", value:"Successful exploitation will allow remote
attackers to obtain sensitive information about the server and to inject
arbitrary web script or HTML, to bypass intended access restrictions and
to guess passwords.");
script_tag(name:"affected", value:"phpMyAdmin versions 4.0.x prior to 4.0.10.13,
4.4.x prior to 4.4.15.3 and 4.5.x prior to 4.5.4");
script_tag(name:"solution", value:"Upgrade to phpMyAdmin version 4.0.10.13 or
4.4.15.3 or 4.5.4 or later or apply patch from the link mentioned in reference.");
script_tag(name:"solution_type", value:"VendorFix");
script_xref(name:"URL", value:"https://www.phpmyadmin.net/security/PMASA-2016-4");
script_xref(name:"URL", value:"https://www.phpmyadmin.net/security/PMASA-2016-5");
script_xref(name:"URL", value:"https://www.phpmyadmin.net/security/PMASA-2016-3");
script_xref(name:"URL", value:"https://www.phpmyadmin.net/security/PMASA-2016-2");
script_xref(name:"URL", value:"https://www.phpmyadmin.net/security/PMASA-2016-1");
script_category(ACT_ATTACK);
script_copyright("Copyright (C) 2016 Greenbone Networks GmbH");
script_family("Web application abuses");
script_dependencies("secpod_phpmyadmin_detect_900129.nasl");
script_mandatory_keys("phpMyAdmin/installed");
script_require_ports("Services/www", 80);
exit(0);
}
include("http_func.inc");
include("host_details.inc");
include("http_keepalive.inc");
if(!http_port = get_app_port(cpe:CPE)){
exit(0);
}
if(!dir = get_app_location(cpe:CPE, port:http_port)){
exit(0);
}
url = dir + '/setup/lib/common.inc.php';
if(http_vuln_check(port:http_port, url:url, check_header:TRUE,
pattern:"Fatal error.*PMA_fatalError.*common.inc.php"))
{
report = http_report_vuln_url( port:http_port, url:url );
security_message(port:http_port, data:report);
exit(0);
}
{"id": "OPENVAS:1361412562310807080", "type": "openvas", "bulletinFamily": "scanner", "title": "phpMyAdmin Multiple Vulnerabilities -01 Feb16", "description": "This host is installed with phpMyAdmin\n and is prone to multiple vulnerabilities.", "published": "2016-02-23T00:00:00", "modified": "2020-05-08T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807080", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["https://www.phpmyadmin.net/security/PMASA-2016-5", "https://www.phpmyadmin.net/security/PMASA-2016-3", "https://www.phpmyadmin.net/security/PMASA-2016-1", "https://www.phpmyadmin.net/security/PMASA-2016-4", "https://www.phpmyadmin.net/security/PMASA-2016-2"], "cvelist": ["CVE-2016-2040", "CVE-2016-2038", "CVE-2016-1927", "CVE-2016-2039", "CVE-2016-2041"], "lastseen": "2020-05-12T17:23:13", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["FEDORA_2016-E1FE01E96E.NASL", "FREEBSD_PKG_5D6A204FC60B11E5BF366805CA0B3D42.NASL", "OPENSUSE-2016-168.NASL", "FREEBSD_PKG_6CC06EECC60B11E5BF366805CA0B3D42.NASL", "OPENSUSE-2016-151.NASL", "PHPMYADMIN_PMASA_2016_5.NASL", "DEBIAN_DLA-481.NASL", "FEDORA_2016-E55278763E.NASL", "DEBIAN_DSA-3627.NASL", "DEBIAN_DLA-406.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310131209", "OPENVAS:1361412562310703627", "OPENVAS:703627"]}, {"type": "cve", "idList": ["CVE-2016-2041", "CVE-2016-2040", "CVE-2016-1927", "CVE-2016-2038", "CVE-2016-2039"]}, {"type": "debian", "idList": ["DEBIAN:DLA-481-2:3E1D6", "DEBIAN:DSA-3627-1:EBE43", "DEBIAN:DLA-406-1:87E3E", "DEBIAN:DLA-481-1:91517"]}, {"type": "typo3", "idList": ["TYPO3-EXT-SA-2016-007"]}, {"type": "f5", "idList": ["F5:K93445609", "SOL93445609"]}, {"type": "fedora", "idList": ["FEDORA:051106087A81", "FEDORA:4F6D8619640B"]}, {"type": "freebsd", "idList": ["71B24D99-C60B-11E5-BF36-6805CA0B3D42", "6F0C2D1B-C60B-11E5-BF36-6805CA0B3D42", "60AB0E93-C60B-11E5-BF36-6805CA0B3D42", "5D6A204F-C60B-11E5-BF36-6805CA0B3D42", "6CC06EEC-C60B-11E5-BF36-6805CA0B3D42"]}, {"type": "phpmyadmin", "idList": ["PHPMYADMIN:PMASA-2016-4", "PHPMYADMIN:PMASA-2016-5", "PHPMYADMIN:PMASA-2016-1", "PHPMYADMIN:PMASA-2016-3", "PHPMYADMIN:PMASA-2016-2"]}], "modified": "2020-05-12T17:23:13", "rev": 2}, "score": {"value": 5.7, "vector": "NONE", "modified": "2020-05-12T17:23:13", "rev": 2}, "vulnersScore": 5.7}, "pluginID": "1361412562310807080", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# phpMyAdmin Multiple Vulnerabilities -01 Feb16\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:phpmyadmin:phpmyadmin\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807080\");\n script_version(\"2020-05-08T08:34:44+0000\");\n script_cve_id(\"CVE-2016-2038\", \"CVE-2016-2039\", \"CVE-2016-2040\", \"CVE-2016-2041\",\n \"CVE-2016-1927\");\n script_bugtraq_id(82075, 81210, 82077, 82084, 82076);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-05-08 08:34:44 +0000 (Fri, 08 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-02-23 10:17:05 +0530 (Tue, 23 Feb 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_active\");\n script_name(\"phpMyAdmin Multiple Vulnerabilities -01 Feb16\");\n\n script_tag(name:\"summary\", value:\"This host is installed with phpMyAdmin\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Send a crafted request via HTTP GET and\n check whether it is able to obtain sensitive information or not.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - The recommended setting of the PHP configuration directive display_errors is\n set to on, which is against the recommendations given in the PHP manual\n for a production server.\n\n - The XSRF/CSRF token is generated with a weak algorithm using functions\n that do not return cryptographically secure values.\n\n - An insufficient validation of user supplied input via parameters\n table name, SET value, hostname header and search query.\n\n - The password suggestion functionality uses 'Math.random' function which does\n not provide cryptographically secure random numbers.\n\n - The 'libraries/common.inc.php' script does not use a constant-time algorithm\n for comparing CSRF tokens.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to obtain sensitive information about the server and to inject\n arbitrary web script or HTML, to bypass intended access restrictions and\n to guess passwords.\");\n\n script_tag(name:\"affected\", value:\"phpMyAdmin versions 4.0.x prior to 4.0.10.13,\n 4.4.x prior to 4.4.15.3 and 4.5.x prior to 4.5.4\");\n\n script_tag(name:\"solution\", value:\"Upgrade to phpMyAdmin version 4.0.10.13 or\n 4.4.15.3 or 4.5.4 or later or apply patch from the link mentioned in reference.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net/security/PMASA-2016-4\");\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net/security/PMASA-2016-5\");\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net/security/PMASA-2016-3\");\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net/security/PMASA-2016-2\");\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net/security/PMASA-2016-1\");\n\n script_category(ACT_ATTACK);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_phpmyadmin_detect_900129.nasl\");\n script_mandatory_keys(\"phpMyAdmin/installed\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\n\ninclude(\"http_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"http_keepalive.inc\");\n\nif(!http_port = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!dir = get_app_location(cpe:CPE, port:http_port)){\n exit(0);\n}\n\nurl = dir + '/setup/lib/common.inc.php';\n\nif(http_vuln_check(port:http_port, url:url, check_header:TRUE,\n pattern:\"Fatal error.*PMA_fatalError.*common.inc.php\"))\n{\n report = http_report_vuln_url( port:http_port, url:url );\n security_message(port:http_port, data:report);\n exit(0);\n}\n", "naslFamily": "Web application abuses"}
{"openvas": [{"lastseen": "2019-05-29T18:35:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2040", "CVE-2016-2038", "CVE-2016-1927", "CVE-2016-2039", "CVE-2016-2041"], "description": "Mageia Linux Local Security Checks mgasa-2016-0051", "modified": "2019-03-14T00:00:00", "published": "2016-02-08T00:00:00", "id": "OPENVAS:1361412562310131209", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131209", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2016-0051", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2016-0051.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131209\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-02-08 19:55:16 +0200 (Mon, 08 Feb 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2016-0051\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2016-0051.html\");\n script_cve_id(\"CVE-2016-1927\", \"CVE-2016-2038\", \"CVE-2016-2039\", \"CVE-2016-2040\", \"CVE-2016-2041\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2016-0051\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"phpmyadmin\", rpm:\"phpmyadmin~4.4.15.4~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"phpseclib\", rpm:\"phpseclib~2.0.1~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-24T12:55:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2040", "CVE-2016-5701", "CVE-2016-5731", "CVE-2016-2561", "CVE-2016-5705", "CVE-2016-1927", "CVE-2016-5099", "CVE-2016-2560", "CVE-2016-2039", "CVE-2016-5733", "CVE-2016-2041", "CVE-2016-5739", "CVE-2016-5706"], "description": "Several vulnerabilities have been fixed in\nphpMyAdmin, the web-based MySQL administration interface.\n\nCVE-2016-1927 \nThe suggestPassword function relied on a non-secure random number\ngenerator which makes it easier for remote attackers to guess\ngenerated passwords via a brute-force approach.\n\nCVE-2016-2039 \nCSRF token values were generated by a non-secure random number\ngenerator, which allows remote attackers to bypass intended access\nrestrictions by predicting a value.\n\nCVE-2016-2040 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nauthenticated users to inject arbitrary web script or HTML.\n\nCVE-2016-2041 \nphpMyAdmin does not use a constant-time algorithm for comparing\nCSRF tokens, which makes it easier for remote attackers to bypass\nintended access restrictions by measuring time differences.\n\nCVE-2016-2560 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-2561 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5099 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5701 \nFor installations running on plain HTTP, phpMyAdmin allows remote\nattackers to conduct BBCode injection attacks against HTTP sessions\nvia a crafted URI.\n\nCVE-2016-5705 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5706 \nphpMyAdmin allows remote attackers to cause a denial of service\n(resource consumption) via a large array in the scripts parameter.\n\nCVE-2016-5731 \nA cross-site scripting (XSS) vulnerability allows remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5733 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5739 \nA specially crafted Transformation could leak information which\na remote attacker could use to perform cross site request forgeries.", "modified": "2017-07-07T00:00:00", "published": "2016-08-02T00:00:00", "id": "OPENVAS:703627", "href": "http://plugins.openvas.org/nasl.php?oid=703627", "type": "openvas", "title": "Debian Security Advisory DSA 3627-1 (phpmyadmin - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3627.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3627-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703627);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-1927\", \"CVE-2016-2039\", \"CVE-2016-2040\", \"CVE-2016-2041\",\n \"CVE-2016-2560\", \"CVE-2016-2561\", \"CVE-2016-5099\", \"CVE-2016-5701\",\n \"CVE-2016-5705\", \"CVE-2016-5706\", \"CVE-2016-5731\", \"CVE-2016-5733\",\n \"CVE-2016-5739\");\n script_name(\"Debian Security Advisory DSA 3627-1 (phpmyadmin - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-02 10:58:14 +0530 (Tue, 02 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3627.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"phpmyadmin on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package allows administering of MySQL\nor MariaDB with a web interface.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthese problems have been fixed in version 4:4.2.12-2+deb8u2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4:4.6.3-1.\n\nWe recommend that you upgrade your phpmyadmin packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been fixed in\nphpMyAdmin, the web-based MySQL administration interface.\n\nCVE-2016-1927 \nThe suggestPassword function relied on a non-secure random number\ngenerator which makes it easier for remote attackers to guess\ngenerated passwords via a brute-force approach.\n\nCVE-2016-2039 \nCSRF token values were generated by a non-secure random number\ngenerator, which allows remote attackers to bypass intended access\nrestrictions by predicting a value.\n\nCVE-2016-2040 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nauthenticated users to inject arbitrary web script or HTML.\n\nCVE-2016-2041 \nphpMyAdmin does not use a constant-time algorithm for comparing\nCSRF tokens, which makes it easier for remote attackers to bypass\nintended access restrictions by measuring time differences.\n\nCVE-2016-2560 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-2561 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5099 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5701 \nFor installations running on plain HTTP, phpMyAdmin allows remote\nattackers to conduct BBCode injection attacks against HTTP sessions\nvia a crafted URI.\n\nCVE-2016-5705 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5706 \nphpMyAdmin allows remote attackers to cause a denial of service\n(resource consumption) via a large array in the scripts parameter.\n\nCVE-2016-5731 \nA cross-site scripting (XSS) vulnerability allows remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5733 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5739 \nA specially crafted Transformation could leak information which\na remote attacker could use to perform cross site request forgeries.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"phpmyadmin\", ver:\"4:4.2.12-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:35:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2040", "CVE-2016-5701", "CVE-2016-5731", "CVE-2016-2561", "CVE-2016-5705", "CVE-2016-1927", "CVE-2016-5099", "CVE-2016-2560", "CVE-2016-2039", "CVE-2016-5733", "CVE-2016-2041", "CVE-2016-5739", "CVE-2016-5706"], "description": "Several vulnerabilities have been fixed in\nphpMyAdmin, the web-based MySQL administration interface.\n\nCVE-2016-1927\nThe suggestPassword function relied on a non-secure random number\ngenerator which makes it easier for remote attackers to guess\ngenerated passwords via a brute-force approach.\n\nCVE-2016-2039\nCSRF token values were generated by a non-secure random number\ngenerator, which allows remote attackers to bypass intended access\nrestrictions by predicting a value.\n\nCVE-2016-2040\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nauthenticated users to inject arbitrary web script or HTML.\n\nCVE-2016-2041\nphpMyAdmin does not use a constant-time algorithm for comparing\nCSRF tokens, which makes it easier for remote attackers to bypass\nintended access restrictions by measuring time differences.\n\nCVE-2016-2560\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-2561\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5099\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5701\nFor installations running on plain HTTP, phpMyAdmin allows remote\nattackers to conduct BBCode injection attacks against HTTP sessions\nvia a crafted URI.\n\nCVE-2016-5705\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5706\nphpMyAdmin allows remote attackers to cause a denial of service\n(resource consumption) via a large array in the scripts parameter.\n\nCVE-2016-5731\nA cross-site scripting (XSS) vulnerability allows remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5733\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5739\nA specially crafted Transformation could leak information which\na remote attacker could use to perform cross site request forgeries.", "modified": "2019-03-18T00:00:00", "published": "2016-08-02T00:00:00", "id": "OPENVAS:1361412562310703627", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703627", "type": "openvas", "title": "Debian Security Advisory DSA 3627-1 (phpmyadmin - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3627.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3627-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703627\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-1927\", \"CVE-2016-2039\", \"CVE-2016-2040\", \"CVE-2016-2041\",\n \"CVE-2016-2560\", \"CVE-2016-2561\", \"CVE-2016-5099\", \"CVE-2016-5701\",\n \"CVE-2016-5705\", \"CVE-2016-5706\", \"CVE-2016-5731\", \"CVE-2016-5733\",\n \"CVE-2016-5739\");\n script_name(\"Debian Security Advisory DSA 3627-1 (phpmyadmin - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-02 10:58:14 +0530 (Tue, 02 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3627.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"phpmyadmin on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthese problems have been fixed in version 4:4.2.12-2+deb8u2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4:4.6.3-1.\n\nWe recommend that you upgrade your phpmyadmin packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been fixed in\nphpMyAdmin, the web-based MySQL administration interface.\n\nCVE-2016-1927\nThe suggestPassword function relied on a non-secure random number\ngenerator which makes it easier for remote attackers to guess\ngenerated passwords via a brute-force approach.\n\nCVE-2016-2039\nCSRF token values were generated by a non-secure random number\ngenerator, which allows remote attackers to bypass intended access\nrestrictions by predicting a value.\n\nCVE-2016-2040\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nauthenticated users to inject arbitrary web script or HTML.\n\nCVE-2016-2041\nphpMyAdmin does not use a constant-time algorithm for comparing\nCSRF tokens, which makes it easier for remote attackers to bypass\nintended access restrictions by measuring time differences.\n\nCVE-2016-2560\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-2561\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5099\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5701\nFor installations running on plain HTTP, phpMyAdmin allows remote\nattackers to conduct BBCode injection attacks against HTTP sessions\nvia a crafted URI.\n\nCVE-2016-5705\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5706\nphpMyAdmin allows remote attackers to cause a denial of service\n(resource consumption) via a large array in the scripts parameter.\n\nCVE-2016-5731\nA cross-site scripting (XSS) vulnerability allows remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5733\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5739\nA specially crafted Transformation could leak information which\na remote attacker could use to perform cross site request forgeries.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"phpmyadmin\", ver:\"4:4.2.12-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2021-03-01T05:22:32", "description": "According to its self-reported version number, the phpMyAdmin\napplication hosted on the remote web server is 4.0.x prior to\n4.0.10.13, 4.4.x prior to 4.4.15.3, or 4.5.x prior to 4.5.4. It is,\ntherefore, affected by the following vulnerabilities :\n\n - A security bypass vulnerability exists due to the use of\n the Math.random() JavaScript function which does not\n provide cryptographically secure random numbers. A\n remote attacker can exploit this to guess passwords via\n a brute-force attack. (CVE-2016-1927)\n\n - An information disclosure vulnerability exists in\n multiple scripts that allows a remote attacker, via a\n specially crafted request, to disclose the software's\n installation path. (CVE-2016-2038)\n\n - A security bypass vulnerability exists due to generating\n XSRF tokens with cryptographically insecure values. A\n remote attacker can exploit this to bypass intended\n access restrictions by predicting a value.\n (CVE-2016-2039)\n\n - Multiple cross-site scripting vulnerabilities exist due\n to improper validation of user-supplied input to the\n home, database search, and zoom search pages. An\n authenticated, remote attacker can exploit this, via a\n specially crafted request, to execute arbitrary script\n code in a user's browser session. (CVE-2016-2040)\n\n - A security bypass vulnerability exists due to a failure\n to use a constant-time algorithm for comparing XSRF\n tokens. A remote attacker can exploit this, via a timing\n attack, to bypass intended access restrictions.\n (CVE-2016-2041)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.", "edition": 28, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2016-02-26T00:00:00", "title": "phpMyAdmin 4.0.x < 4.0.10.13 / 4.4.x < 4.4.15.3 / 4.5.x < 4.5.4 Multiple Vulnerabilities (PMASA-2016-1 - PMASA-2016-5)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2040", "CVE-2016-2038", "CVE-2016-1927", "CVE-2016-2039", "CVE-2016-2041"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin"], "id": "PHPMYADMIN_PMASA_2016_5.NASL", "href": "https://www.tenable.com/plugins/nessus/88985", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88985);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2016-1927\",\n \"CVE-2016-2038\",\n \"CVE-2016-2039\",\n \"CVE-2016-2040\",\n \"CVE-2016-2041\"\n );\n script_bugtraq_id(\n 81210,\n 82075,\n 82076,\n 82077,\n 82084\n );\n\n script_name(english:\"phpMyAdmin 4.0.x < 4.0.10.13 / 4.4.x < 4.4.15.3 / 4.5.x < 4.5.4 Multiple Vulnerabilities (PMASA-2016-1 - PMASA-2016-5)\");\n script_summary(english:\"Checks the version of phpMyAdmin.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server hosts a PHP application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the phpMyAdmin\napplication hosted on the remote web server is 4.0.x prior to\n4.0.10.13, 4.4.x prior to 4.4.15.3, or 4.5.x prior to 4.5.4. It is,\ntherefore, affected by the following vulnerabilities :\n\n - A security bypass vulnerability exists due to the use of\n the Math.random() JavaScript function which does not\n provide cryptographically secure random numbers. A\n remote attacker can exploit this to guess passwords via\n a brute-force attack. (CVE-2016-1927)\n\n - An information disclosure vulnerability exists in\n multiple scripts that allows a remote attacker, via a\n specially crafted request, to disclose the software's\n installation path. (CVE-2016-2038)\n\n - A security bypass vulnerability exists due to generating\n XSRF tokens with cryptographically insecure values. A\n remote attacker can exploit this to bypass intended\n access restrictions by predicting a value.\n (CVE-2016-2039)\n\n - Multiple cross-site scripting vulnerabilities exist due\n to improper validation of user-supplied input to the\n home, database search, and zoom search pages. An\n authenticated, remote attacker can exploit this, via a\n specially crafted request, to execute arbitrary script\n code in a user's browser session. (CVE-2016-2040)\n\n - A security bypass vulnerability exists due to a failure\n to use a constant-time algorithm for comparing XSRF\n tokens. A remote attacker can exploit this, via a timing\n attack, to bypass intended access restrictions.\n (CVE-2016-2041)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.phpmyadmin.net/security/PMASA-2016-1/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.phpmyadmin.net/security/PMASA-2016-2/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.phpmyadmin.net/security/PMASA-2016-3/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.phpmyadmin.net/security/PMASA-2016-4/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.phpmyadmin.net/security/PMASA-2016-5/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to phpMyAdmin version 4.0.10.13 / 4.4.15.3 / 4.5.4 or later.\nAlternatively, apply the patch referenced in the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-2041\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/26\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:phpmyadmin:phpmyadmin\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"phpMyAdmin_detect.nasl\");\n script_require_keys(\"www/PHP\", \"installed_sw/phpMyAdmin\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\n\nappname = \"phpMyAdmin\";\nget_install_count(app_name:appname, exit_if_zero:TRUE);\n\nport = get_http_port(default:80, php:TRUE);\n\ninstall = get_single_install(app_name:appname, port:port, exit_if_unknown_ver:TRUE);\ndir = install['path'];\nurl = build_url(qs:dir, port:port);\nversion = install['version'];\n\nif (version =~ \"^4(\\.[045])?$\") audit(AUDIT_VER_NOT_GRANULAR, appname, port, version);\nif (version !~ \"^4\\.[045][^0-9]\") audit(AUDIT_WEB_APP_NOT_INST, appname + \" 4.0.x / 4.4.x / 4.5.x\", port);\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nre = make_array(\n -2, \"-beta(\\d+)\",\n -1, \"-rc(\\d+)\"\n);\n\n# Affected version\n# 4.0.x < 4.0.10.13\n# 4.4.x < 4.4.15.3\n# 4.5.x < 4.5.4\ncut_off = NULL;\nfixed_ver = NULL;\n\nif (version =~ \"^4\\.0\\.\")\n{\n cut_off = '4.0.0';\n fixed_ver = '4.0.10.13';\n}\nelse if (version =~ \"^4\\.4\\.\")\n{\n cut_off = '4.4.0';\n fixed_ver = '4.4.15.3';\n}\nelse if (version =~ \"^4\\.5\\.\")\n{\n cut_off = '4.5.0';\n fixed_ver = '4.5.4';\n}\nelse\n{\n audit(AUDIT_WEB_APP_NOT_AFFECTED, appname, url, version);\n}\n\nif (\n ver_compare(ver:version, fix:cut_off, regexes:re) >= 0 &&\n ver_compare(ver:version, fix:fixed_ver, regexes:re) == -1\n)\n{\n report =\n '\\n URL : ' + url +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_ver +\n '\\n';\n\n set_kb_item(name:'www/'+port+'/XSRF', value:TRUE);\n set_kb_item(name:'www/'+port+'/XSS', value:TRUE);\n\n security_report_v4(port:port, severity:SECURITY_WARNING, extra:report);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, appname, url, version);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T09:43:48", "description": "The previous security upload broke the search pages in phpMyAdmin.\nThis was caused by a broken patch applied to fix CVE-2016-2040.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n4:3.4.11.1-2+deb7u4.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2016-05-19T00:00:00", "title": "Debian DLA-481-2 : phpmyadmin regression update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2040", "CVE-2016-2038", "CVE-2016-1927", "CVE-2016-2560", "CVE-2016-2039", "CVE-2016-2041", "CVE-2016-2045"], "modified": "2016-05-19T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:phpmyadmin", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-481.NASL", "href": "https://www.tenable.com/plugins/nessus/91243", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-481-2. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91243);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-1927\", \"CVE-2016-2038\", \"CVE-2016-2039\", \"CVE-2016-2040\", \"CVE-2016-2041\", \"CVE-2016-2045\", \"CVE-2016-2560\");\n\n script_name(english:\"Debian DLA-481-2 : phpmyadmin regression update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The previous security upload broke the search pages in phpMyAdmin.\nThis was caused by a broken patch applied to fix CVE-2016-2040.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n4:3.4.11.1-2+deb7u4.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/05/msg00048.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/phpmyadmin\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected phpmyadmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:phpmyadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"phpmyadmin\", reference:\"4:3.4.11.1-2+deb7u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-20T12:29:51", "description": "This update to phpMyAdmin 4.4.15.4 fixes the following issues\n(boo#964024)\n\n - CVE-2016-2038: Multiple full path disclosure\n vulnerabilities\n\n - CVE-2016-2039: Unsafe generation of XSRF/CSRF token\n\n - CVE-2016-2040: Multiple XSS vulnerabilities\n\n - CVE-2016-1927: Insecure password generation in\n JavaScript\n\n - CVE-2016-2041: Unsafe comparison of XSRF/CSRF token\n\n - CVE-2016-2042: Multiple full path disclosure\n vulnerabilities\n\n - CVE-2016-2043: XSS vulnerability in normalization page", "edition": 18, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2016-02-08T00:00:00", "title": "openSUSE Security Update : phpMyAdmin (openSUSE-2016-151)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2040", "CVE-2016-2042", "CVE-2016-2038", "CVE-2016-2043", "CVE-2016-1927", "CVE-2016-2039", "CVE-2016-2041"], "modified": "2016-02-08T00:00:00", "cpe": ["cpe:/o:novell:opensuse:42.1", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:phpMyAdmin"], "id": "OPENSUSE-2016-151.NASL", "href": "https://www.tenable.com/plugins/nessus/88607", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-151.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88607);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-1927\", \"CVE-2016-2038\", \"CVE-2016-2039\", \"CVE-2016-2040\", \"CVE-2016-2041\", \"CVE-2016-2042\", \"CVE-2016-2043\");\n\n script_name(english:\"openSUSE Security Update : phpMyAdmin (openSUSE-2016-151)\");\n script_summary(english:\"Check for the openSUSE-2016-151 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update to phpMyAdmin 4.4.15.4 fixes the following issues\n(boo#964024)\n\n - CVE-2016-2038: Multiple full path disclosure\n vulnerabilities\n\n - CVE-2016-2039: Unsafe generation of XSRF/CSRF token\n\n - CVE-2016-2040: Multiple XSS vulnerabilities\n\n - CVE-2016-1927: Insecure password generation in\n JavaScript\n\n - CVE-2016-2041: Unsafe comparison of XSRF/CSRF token\n\n - CVE-2016-2042: Multiple full path disclosure\n vulnerabilities\n\n - CVE-2016-2043: XSS vulnerability in normalization page\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=964024\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"phpMyAdmin-4.4.15.4-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"phpMyAdmin-4.4.15.4-13.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-20T12:29:56", "description": "Security update to phpMyAdmin 4.4.15.4\n\nThe followinng vulnerabilities were fixed: (boo#964024)\n\n - CVE-2016-2038: Multiple full path disclosure\n vulnerabilities\n\n - CVE-2016-2039: Unsafe generation of XSRF/CSRF token\n\n - CVE-2016-2040: Multiple XSS vulnerabilities\n\n - CVE-2016-1927: Insecure password generation in\n JavaScript\n\n - CVE-2016-2041: Unsafe comparison of XSRF/CSRF token\n\n - CVE-2016-2042: Multiple full path disclosure\n vulnerabilities\n\n - CVE-2016-2043: XSS vulnerability in normalization page", "edition": 18, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2016-02-09T00:00:00", "title": "openSUSE Security Update : phpMyAdmin 4.4.15.4 (openSUSE-2016-168)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2040", "CVE-2016-2042", "CVE-2016-2038", "CVE-2016-2043", "CVE-2016-1927", "CVE-2016-2039", "CVE-2016-2041"], "modified": "2016-02-09T00:00:00", "cpe": ["cpe:/o:novell:opensuse:13.1", "p-cpe:/a:novell:opensuse:phpMyAdmin"], "id": "OPENSUSE-2016-168.NASL", "href": "https://www.tenable.com/plugins/nessus/88632", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-168.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88632);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-1927\", \"CVE-2016-2038\", \"CVE-2016-2039\", \"CVE-2016-2040\", \"CVE-2016-2041\", \"CVE-2016-2042\", \"CVE-2016-2043\");\n\n script_name(english:\"openSUSE Security Update : phpMyAdmin 4.4.15.4 (openSUSE-2016-168)\");\n script_summary(english:\"Check for the openSUSE-2016-168 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security update to phpMyAdmin 4.4.15.4\n\nThe followinng vulnerabilities were fixed: (boo#964024)\n\n - CVE-2016-2038: Multiple full path disclosure\n vulnerabilities\n\n - CVE-2016-2039: Unsafe generation of XSRF/CSRF token\n\n - CVE-2016-2040: Multiple XSS vulnerabilities\n\n - CVE-2016-1927: Insecure password generation in\n JavaScript\n\n - CVE-2016-2041: Unsafe comparison of XSRF/CSRF token\n\n - CVE-2016-2042: Multiple full path disclosure\n vulnerabilities\n\n - CVE-2016-2043: XSS vulnerability in normalization page\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=964024\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin 4.4.15.4 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"phpMyAdmin-4.4.15.4-46.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:14:56", "description": "phpMyAdmin 4.5.4.1 (2016-01-28) =============================== -\nError with PMA 4.4.15.3 - Remove hard dependency on phpseclib\nphpMyAdmin 4.5.4 (2016-01-28) ============================= - live\ndata edit of big sets is not working - Table list not saved in db QBE\nbookmarked search - While 'changing a column', query fails with a\nsyntax error after the 'CHARSET=' keyword - Avoid syntax error in\nJavaScript messages on invalid PHP setting for max_input_vars -\nProperly handle errors in upacking zip archive - Set PHP's internal\nencoding to UTF-8 - Fixed Kanji encoding in some specific cases -\nCheck whether iconv works before using it - Avoid conversion of MySQL\nerror messages - Undefined index: parameters - Undefined index:\nfield_name_orig - Undefined index: host - 'Add to central columns'\n(per column button) does nothing - SQL duplicate entry error trying to\nINSERT in designer_settings table - Fix handling of databases with dot\nin a name - Fix hiding of page content behind menu - FROM clause not\ngenerated after loading search bookmark - Fix creating/editing VIEW\nwith DEFINER containing special chars - Do not invoke FLUSH PRIVILEGES\nwhen server in --skip- grant-tables - Misleading message for\nconfiguration storage - Table pagination does nothing when session\nexpired - Index comments not working properly - Better handle local\nstorage errors - Improve detection of privileges for privilege\nadjusting - Undefined property: stdClass::$releases at version check\nwhen disabled in config - SQL comment and variable stripped from\nbookmark on save - Gracefully handle errors in regex based JavaScript\nsearch - [Security] Multiple full path disclosure vulnerabilities, see\nPMASA-2016-1 - [Security] Unsafe generation of CSRF token, see\nPMASA-2016-2 - [Security] Multiple XSS vulnerabilities, see\nPMASA-2016-3 - [Security] Insecure password generation in JavaScript,\nsee PMASA-2016-4 - [Security] Unsafe comparison of CSRF token, see\nPMASA-2016-5 - [Security] Multiple full path disclosure\nvulnerabilities, see PMASA-2016-6 - [Security] XSS vulnerability in\nnormalization page, see PMASA-2016-7 - [Security] Full path disclosure\nvulnerability in SQL parser, see PMASA-2016-8 - [Security] XSS\nvulnerability in SQL editor, see PMASA-2016-9\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 19, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2016-03-04T00:00:00", "title": "Fedora 23 : phpMyAdmin-4.5.4.1-1.fc23 (2016-e55278763e)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2040", "CVE-2016-2042", "CVE-2016-2038", "CVE-2016-2044", "CVE-2016-2043", "CVE-2016-1927", "CVE-2016-2039", "CVE-2016-2041", "CVE-2016-2045"], "modified": "2016-03-04T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:23", "p-cpe:/a:fedoraproject:fedora:phpMyAdmin"], "id": "FEDORA_2016-E55278763E.NASL", "href": "https://www.tenable.com/plugins/nessus/89630", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-e55278763e.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89630);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-1927\", \"CVE-2016-2038\", \"CVE-2016-2039\", \"CVE-2016-2040\", \"CVE-2016-2041\", \"CVE-2016-2042\", \"CVE-2016-2043\", \"CVE-2016-2044\", \"CVE-2016-2045\");\n script_xref(name:\"FEDORA\", value:\"2016-e55278763e\");\n\n script_name(english:\"Fedora 23 : phpMyAdmin-4.5.4.1-1.fc23 (2016-e55278763e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"phpMyAdmin 4.5.4.1 (2016-01-28) =============================== -\nError with PMA 4.4.15.3 - Remove hard dependency on phpseclib\nphpMyAdmin 4.5.4 (2016-01-28) ============================= - live\ndata edit of big sets is not working - Table list not saved in db QBE\nbookmarked search - While 'changing a column', query fails with a\nsyntax error after the 'CHARSET=' keyword - Avoid syntax error in\nJavaScript messages on invalid PHP setting for max_input_vars -\nProperly handle errors in upacking zip archive - Set PHP's internal\nencoding to UTF-8 - Fixed Kanji encoding in some specific cases -\nCheck whether iconv works before using it - Avoid conversion of MySQL\nerror messages - Undefined index: parameters - Undefined index:\nfield_name_orig - Undefined index: host - 'Add to central columns'\n(per column button) does nothing - SQL duplicate entry error trying to\nINSERT in designer_settings table - Fix handling of databases with dot\nin a name - Fix hiding of page content behind menu - FROM clause not\ngenerated after loading search bookmark - Fix creating/editing VIEW\nwith DEFINER containing special chars - Do not invoke FLUSH PRIVILEGES\nwhen server in --skip- grant-tables - Misleading message for\nconfiguration storage - Table pagination does nothing when session\nexpired - Index comments not working properly - Better handle local\nstorage errors - Improve detection of privileges for privilege\nadjusting - Undefined property: stdClass::$releases at version check\nwhen disabled in config - SQL comment and variable stripped from\nbookmark on save - Gracefully handle errors in regex based JavaScript\nsearch - [Security] Multiple full path disclosure vulnerabilities, see\nPMASA-2016-1 - [Security] Unsafe generation of CSRF token, see\nPMASA-2016-2 - [Security] Multiple XSS vulnerabilities, see\nPMASA-2016-3 - [Security] Insecure password generation in JavaScript,\nsee PMASA-2016-4 - [Security] Unsafe comparison of CSRF token, see\nPMASA-2016-5 - [Security] Multiple full path disclosure\nvulnerabilities, see PMASA-2016-6 - [Security] XSS vulnerability in\nnormalization page, see PMASA-2016-7 - [Security] Full path disclosure\nvulnerability in SQL parser, see PMASA-2016-8 - [Security] XSS\nvulnerability in SQL editor, see PMASA-2016-9\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302677\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302679\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302686\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?849850b3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"phpMyAdmin-4.5.4.1-1.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:14:54", "description": "phpMyAdmin 4.5.4 (2016-01-28) ============================= - live\ndata edit of big sets is not working - Table list not saved in db QBE\nbookmarked search - While 'changing a column', query fails with a\nsyntax error after the 'CHARSET=' keyword - Avoid syntax error in\nJavaScript messages on invalid PHP setting for max_input_vars -\nProperly handle errors in upacking zip archive - Set PHP's internal\nencoding to UTF-8 - Fixed Kanji encoding in some specific cases -\nCheck whether iconv works before using it - Avoid conversion of MySQL\nerror messages - Undefined index: parameters - Undefined index:\nfield_name_orig - Undefined index: host - 'Add to central columns'\n(per column button) does nothing - SQL duplicate entry error trying to\nINSERT in designer_settings table - Fix handling of databases with dot\nin a name - Fix hiding of page content behind menu - FROM clause not\ngenerated after loading search bookmark - Fix creating/editing VIEW\nwith DEFINER containing special chars - Do not invoke FLUSH PRIVILEGES\nwhen server in --skip-grant-tables - Misleading message for\nconfiguration storage - Table pagination does nothing when session\nexpired - Index comments not working properly - Better handle local\nstorage errors - Improve detection of privileges for privilege\nadjusting - Undefined property: stdClass::$releases at version check\nwhen disabled in config - SQL comment and variable stripped from\nbookmark on save - Gracefully handle errors in regex based JavaScript\nsearch - [Security] Multiple full path disclosure vulnerabilities, see\nPMASA-2016-1 - [Security] Unsafe generation of CSRF token, see\nPMASA-2016-2 - [Security] Multiple XSS vulnerabilities, see\nPMASA-2016-3 - [Security] Insecure password generation in JavaScript,\nsee PMASA-2016-4 - [Security] Unsafe comparison of CSRF token, see\nPMASA-2016-5 - [Security] Multiple full path disclosure\nvulnerabilities, see PMASA-2016-6 - [Security] XSS vulnerability in\nnormalization page, see PMASA-2016-7 - [Security] Full path disclosure\nvulnerability in SQL parser, see PMASA-2016-8 - [Security] XSS\nvulnerability in SQL editor, see PMASA-2016-9\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 19, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2016-03-04T00:00:00", "title": "Fedora 22 : phpMyAdmin-4.5.4-1.fc22 (2016-e1fe01e96e)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2040", "CVE-2016-2042", "CVE-2016-2038", "CVE-2016-2044", "CVE-2016-2043", "CVE-2016-1927", "CVE-2016-2039", "CVE-2016-2041", "CVE-2016-2045"], "modified": "2016-03-04T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:22", "p-cpe:/a:fedoraproject:fedora:phpMyAdmin"], "id": "FEDORA_2016-E1FE01E96E.NASL", "href": "https://www.tenable.com/plugins/nessus/89625", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-e1fe01e96e.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89625);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-1927\", \"CVE-2016-2038\", \"CVE-2016-2039\", \"CVE-2016-2040\", \"CVE-2016-2041\", \"CVE-2016-2042\", \"CVE-2016-2043\", \"CVE-2016-2044\", \"CVE-2016-2045\");\n script_xref(name:\"FEDORA\", value:\"2016-e1fe01e96e\");\n\n script_name(english:\"Fedora 22 : phpMyAdmin-4.5.4-1.fc22 (2016-e1fe01e96e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"phpMyAdmin 4.5.4 (2016-01-28) ============================= - live\ndata edit of big sets is not working - Table list not saved in db QBE\nbookmarked search - While 'changing a column', query fails with a\nsyntax error after the 'CHARSET=' keyword - Avoid syntax error in\nJavaScript messages on invalid PHP setting for max_input_vars -\nProperly handle errors in upacking zip archive - Set PHP's internal\nencoding to UTF-8 - Fixed Kanji encoding in some specific cases -\nCheck whether iconv works before using it - Avoid conversion of MySQL\nerror messages - Undefined index: parameters - Undefined index:\nfield_name_orig - Undefined index: host - 'Add to central columns'\n(per column button) does nothing - SQL duplicate entry error trying to\nINSERT in designer_settings table - Fix handling of databases with dot\nin a name - Fix hiding of page content behind menu - FROM clause not\ngenerated after loading search bookmark - Fix creating/editing VIEW\nwith DEFINER containing special chars - Do not invoke FLUSH PRIVILEGES\nwhen server in --skip-grant-tables - Misleading message for\nconfiguration storage - Table pagination does nothing when session\nexpired - Index comments not working properly - Better handle local\nstorage errors - Improve detection of privileges for privilege\nadjusting - Undefined property: stdClass::$releases at version check\nwhen disabled in config - SQL comment and variable stripped from\nbookmark on save - Gracefully handle errors in regex based JavaScript\nsearch - [Security] Multiple full path disclosure vulnerabilities, see\nPMASA-2016-1 - [Security] Unsafe generation of CSRF token, see\nPMASA-2016-2 - [Security] Multiple XSS vulnerabilities, see\nPMASA-2016-3 - [Security] Insecure password generation in JavaScript,\nsee PMASA-2016-4 - [Security] Unsafe comparison of CSRF token, see\nPMASA-2016-5 - [Security] Multiple full path disclosure\nvulnerabilities, see PMASA-2016-6 - [Security] XSS vulnerability in\nnormalization page, see PMASA-2016-7 - [Security] Full path disclosure\nvulnerability in SQL parser, see PMASA-2016-8 - [Security] XSS\nvulnerability in SQL editor, see PMASA-2016-9\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302677\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302679\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1302686\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f479b586\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"phpMyAdmin-4.5.4-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T09:43:43", "description": "Several flaws were discovered in the CSRF authentication code of\nphpMyAdmin.\n\nCVE-2016-2039\n\nThe XSRF/CSRF token is generated with a weak algorithm using functions\nthat do not return cryptographically secure values.\n\nCVE-2016-2041\n\nThe comparison of the XSRF/CSRF token parameter with the value saved\nin the session is vulnerable to timing attacks. Moreover, the\ncomparison could be bypassed if the XSRF/CSRF token matches a\nparticular pattern.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 16, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2016-02-01T00:00:00", "title": "Debian DLA-406-1 : phpmyadmin security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2039", "CVE-2016-2041"], "modified": "2016-02-01T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:phpmyadmin"], "id": "DEBIAN_DLA-406.NASL", "href": "https://www.tenable.com/plugins/nessus/88492", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-406-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88492);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2039\", \"CVE-2016-2041\");\n\n script_name(english:\"Debian DLA-406-1 : phpmyadmin security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were discovered in the CSRF authentication code of\nphpMyAdmin.\n\nCVE-2016-2039\n\nThe XSRF/CSRF token is generated with a weak algorithm using functions\nthat do not return cryptographically secure values.\n\nCVE-2016-2041\n\nThe comparison of the XSRF/CSRF token parameter with the value saved\nin the session is vulnerable to timing attacks. Moreover, the\ncomparison could be bypassed if the XSRF/CSRF token matches a\nparticular pattern.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/01/msg00031.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/phpmyadmin\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected phpmyadmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:phpmyadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"phpmyadmin\", reference:\"4:3.3.7-11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T09:49:43", "description": "Several vulnerabilities have been fixed in phpMyAdmin, the web-based\nMySQL administration interface.\n\n - CVE-2016-1927\n The suggestPassword function relied on a non-secure\n random number generator which makes it easier for remote\n attackers to guess generated passwords via a brute-force\n approach.\n\n - CVE-2016-2039\n CSRF token values were generated by a non-secure random\n number generator, which allows remote attackers to\n bypass intended access restrictions by predicting a\n value.\n\n - CVE-2016-2040\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote authenticated users to inject arbitrary web\n script or HTML.\n\n - CVE-2016-2041\n phpMyAdmin does not use a constant-time algorithm for\n comparing CSRF tokens, which makes it easier for remote\n attackers to bypass intended access restrictions by\n measuring time differences.\n\n - CVE-2016-2560\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-2561\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5099\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5701\n For installations running on plain HTTP, phpMyAdmin\n allows remote attackers to conduct BBCode injection\n attacks against HTTP sessions via a crafted URI.\n\n - CVE-2016-5705\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5706\n phpMyAdmin allows remote attackers to cause a denial of\n service (resource consumption) via a large array in the\n scripts parameter.\n\n - CVE-2016-5731\n A cross-site scripting (XSS) vulnerability allows remote\n attackers to inject arbitrary web script or HTML.\n\n - CVE-2016-5733\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5739\n A specially crafted Transformation could leak\n information which a remote attacker could use to perform\n cross site request forgeries.", "edition": 24, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2016-07-25T00:00:00", "title": "Debian DSA-3627-1 : phpmyadmin - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2040", "CVE-2016-5701", "CVE-2016-5731", "CVE-2016-2561", "CVE-2016-5705", "CVE-2016-1927", "CVE-2016-5099", "CVE-2016-2560", "CVE-2016-2039", "CVE-2016-5733", "CVE-2016-2041", "CVE-2016-5739", "CVE-2016-5706"], "modified": "2016-07-25T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:phpmyadmin"], "id": "DEBIAN_DSA-3627.NASL", "href": "https://www.tenable.com/plugins/nessus/92527", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3627. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92527);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-1927\", \"CVE-2016-2039\", \"CVE-2016-2040\", \"CVE-2016-2041\", \"CVE-2016-2560\", \"CVE-2016-2561\", \"CVE-2016-5099\", \"CVE-2016-5701\", \"CVE-2016-5705\", \"CVE-2016-5706\", \"CVE-2016-5731\", \"CVE-2016-5733\", \"CVE-2016-5739\");\n script_xref(name:\"DSA\", value:\"3627\");\n\n script_name(english:\"Debian DSA-3627-1 : phpmyadmin - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been fixed in phpMyAdmin, the web-based\nMySQL administration interface.\n\n - CVE-2016-1927\n The suggestPassword function relied on a non-secure\n random number generator which makes it easier for remote\n attackers to guess generated passwords via a brute-force\n approach.\n\n - CVE-2016-2039\n CSRF token values were generated by a non-secure random\n number generator, which allows remote attackers to\n bypass intended access restrictions by predicting a\n value.\n\n - CVE-2016-2040\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote authenticated users to inject arbitrary web\n script or HTML.\n\n - CVE-2016-2041\n phpMyAdmin does not use a constant-time algorithm for\n comparing CSRF tokens, which makes it easier for remote\n attackers to bypass intended access restrictions by\n measuring time differences.\n\n - CVE-2016-2560\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-2561\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5099\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5701\n For installations running on plain HTTP, phpMyAdmin\n allows remote attackers to conduct BBCode injection\n attacks against HTTP sessions via a crafted URI.\n\n - CVE-2016-5705\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5706\n phpMyAdmin allows remote attackers to cause a denial of\n service (resource consumption) via a large array in the\n scripts parameter.\n\n - CVE-2016-5731\n A cross-site scripting (XSS) vulnerability allows remote\n attackers to inject arbitrary web script or HTML.\n\n - CVE-2016-5733\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5739\n A specially crafted Transformation could leak\n information which a remote attacker could use to perform\n cross site request forgeries.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-1927\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2039\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2041\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2560\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5099\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5705\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/phpmyadmin\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3627\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the phpmyadmin packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 4:4.2.12-2+deb8u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:phpmyadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"phpmyadmin\", reference:\"4:4.2.12-2+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-06T10:52:12", "description": "The phpMyAdmin development team reports :\n\nBy calling some scripts that are part of phpMyAdmin in an unexpected\nway, it is possible to trigger phpMyAdmin to display a PHP error\nmessage which contains the full path of the directory where phpMyAdmin\nis installed.\n\nWe consider these vulnerabilities to be non-critical.\n\nThis path disclosure is possible on servers where the recommended\nsetting of the PHP configuration directive display_errors is set to\non, which is against the recommendations given in the PHP manual for a\nproduction server.", "edition": 25, "cvss3": {"score": 5.3, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-01-29T00:00:00", "title": "FreeBSD : phpmyadmin -- Multiple full path disclosure vulnerabilities (5d6a204f-c60b-11e5-bf36-6805ca0b3d42)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2038"], "modified": "2016-01-29T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:phpmyadmin"], "id": "FREEBSD_PKG_5D6A204FC60B11E5BF366805CA0B3D42.NASL", "href": "https://www.tenable.com/plugins/nessus/88467", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88467);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-2038\");\n\n script_name(english:\"FreeBSD : phpmyadmin -- Multiple full path disclosure vulnerabilities (5d6a204f-c60b-11e5-bf36-6805ca0b3d42)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The phpMyAdmin development team reports :\n\nBy calling some scripts that are part of phpMyAdmin in an unexpected\nway, it is possible to trigger phpMyAdmin to display a PHP error\nmessage which contains the full path of the directory where phpMyAdmin\nis installed.\n\nWe consider these vulnerabilities to be non-critical.\n\nThis path disclosure is possible on servers where the recommended\nsetting of the PHP configuration directive display_errors is set to\non, which is against the recommendations given in the PHP manual for a\nproduction server.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2016-1/\"\n );\n # https://vuxml.freebsd.org/freebsd/5d6a204f-c60b-11e5-bf36-6805ca0b3d42.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c9b7ff54\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:phpmyadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"phpmyadmin>=4.5.0<4.5.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-06T10:53:01", "description": "The phpMyAdmin development team reports :\n\n- With a crafted table name it is possible to trigger an XSS attack in\nthe database search page.\n\n- With a crafted SET value or a crafted search query, it is possible\nto trigger an XSS attacks in the zoom search page.\n\n- With a crafted hostname header, it is possible to trigger an XSS\nattacks in the home page.\n\nWe consider these vulnerabilities to be non-critical.\n\nThese vulnerabilities can be triggered only by someone who is logged\nin to phpMyAdmin, as the usual token protection prevents non-logged-in\nusers from accessing the required pages.", "edition": 25, "cvss3": {"score": 5.4, "vector": "AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}, "published": "2016-01-29T00:00:00", "title": "FreeBSD : phpmyadmin -- Multiple XSS vulnerabilities (6cc06eec-c60b-11e5-bf36-6805ca0b3d42)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2040"], "modified": "2016-01-29T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:phpmyadmin"], "id": "FREEBSD_PKG_6CC06EECC60B11E5BF366805CA0B3D42.NASL", "href": "https://www.tenable.com/plugins/nessus/88469", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88469);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-2040\");\n\n script_name(english:\"FreeBSD : phpmyadmin -- Multiple XSS vulnerabilities (6cc06eec-c60b-11e5-bf36-6805ca0b3d42)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The phpMyAdmin development team reports :\n\n- With a crafted table name it is possible to trigger an XSS attack in\nthe database search page.\n\n- With a crafted SET value or a crafted search query, it is possible\nto trigger an XSS attacks in the zoom search page.\n\n- With a crafted hostname header, it is possible to trigger an XSS\nattacks in the home page.\n\nWe consider these vulnerabilities to be non-critical.\n\nThese vulnerabilities can be triggered only by someone who is logged\nin to phpMyAdmin, as the usual token protection prevents non-logged-in\nusers from accessing the required pages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2016-3/\"\n );\n # https://vuxml.freebsd.org/freebsd/6cc06eec-c60b-11e5-bf36-6805ca0b3d42.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e72632b4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:phpmyadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"phpmyadmin>=4.5.0<4.5.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:pkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2021-02-02T06:28:04", "description": "phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.", "edition": 4, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-02-20T01:59:00", "title": "CVE-2016-2038", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2038"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin:4.0.10.5", "cpe:/a:phpmyadmin:phpmyadmin:4.4.0", "cpe:/a:phpmyadmin:phpmyadmin:4.4.10", "cpe:/a:phpmyadmin:phpmyadmin:4.4.5", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.2", "cpe:/a:phpmyadmin:phpmyadmin:4.4.2", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.7", "cpe:/a:phpmyadmin:phpmyadmin:4.4.9", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.7", "cpe:/a:phpmyadmin:phpmyadmin:4.4.14.1", "cpe:/a:phpmyadmin:phpmyadmin:4.5.0.2", "cpe:/o:opensuse:opensuse:13.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.4", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.11", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.3", "cpe:/a:phpmyadmin:phpmyadmin:4.4.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.9", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15", "cpe:/a:phpmyadmin:phpmyadmin:4.4.13", "cpe:/a:phpmyadmin:phpmyadmin:4.4.1.1", "cpe:/o:opensuse:opensuse:13.2", "cpe:/a:phpmyadmin:phpmyadmin:4.5.2", "cpe:/a:phpmyadmin:phpmyadmin:4.5.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.8", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.1", "cpe:/a:phpmyadmin:phpmyadmin:4.5.0", "cpe:/a:phpmyadmin:phpmyadmin:4.4.3", "cpe:/o:opensuse:leap:42.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.10", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.12", "cpe:/a:phpmyadmin:phpmyadmin:4.0.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.3", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.8", "cpe:/a:phpmyadmin:phpmyadmin:4.4.6", "cpe:/a:phpmyadmin:phpmyadmin:4.5.3", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.6", "cpe:/a:phpmyadmin:phpmyadmin:4.4.12", "cpe:/a:phpmyadmin:phpmyadmin:4.0.0", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.2", "cpe:/a:phpmyadmin:phpmyadmin:4.4.6.1", "cpe:/o:fedoraproject:fedora:22", "cpe:/a:phpmyadmin:phpmyadmin:4.5.0.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.4", "cpe:/o:fedoraproject:fedora:23", "cpe:/a:phpmyadmin:phpmyadmin:4.4.11", "cpe:/a:phpmyadmin:phpmyadmin:4.4.13.1"], "id": "CVE-2016-2038", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2038", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:04", "description": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allow remote authenticated users to inject arbitrary web script or HTML via a (1) table name, (2) SET value, (3) search query, or (4) hostname in a Location header.", "edition": 4, "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 5.4, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2016-02-20T01:59:00", "title": "CVE-2016-2040", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2040"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin:4.0.10.5", "cpe:/a:phpmyadmin:phpmyadmin:4.4.0", "cpe:/a:phpmyadmin:phpmyadmin:4.4.10", "cpe:/a:phpmyadmin:phpmyadmin:4.4.5", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.2", "cpe:/a:phpmyadmin:phpmyadmin:4.4.2", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.7", "cpe:/a:phpmyadmin:phpmyadmin:4.4.9", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.7", "cpe:/a:phpmyadmin:phpmyadmin:4.4.14.1", "cpe:/a:phpmyadmin:phpmyadmin:4.5.0.2", "cpe:/o:opensuse:opensuse:13.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.4", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.11", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.3", "cpe:/a:phpmyadmin:phpmyadmin:4.4.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.9", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15", "cpe:/a:phpmyadmin:phpmyadmin:4.4.13", "cpe:/a:phpmyadmin:phpmyadmin:4.4.1.1", "cpe:/o:opensuse:opensuse:13.2", "cpe:/a:phpmyadmin:phpmyadmin:4.5.2", "cpe:/a:phpmyadmin:phpmyadmin:4.5.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.8", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.1", "cpe:/a:phpmyadmin:phpmyadmin:4.5.0", "cpe:/a:phpmyadmin:phpmyadmin:4.4.3", "cpe:/o:opensuse:leap:42.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.10", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.12", "cpe:/a:phpmyadmin:phpmyadmin:4.0.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.3", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.8", "cpe:/a:phpmyadmin:phpmyadmin:4.4.6", "cpe:/a:phpmyadmin:phpmyadmin:4.5.3", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.6", "cpe:/a:phpmyadmin:phpmyadmin:4.4.12", "cpe:/a:phpmyadmin:phpmyadmin:4.0.0", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.2", "cpe:/a:phpmyadmin:phpmyadmin:4.4.6.1", "cpe:/o:fedoraproject:fedora:22", "cpe:/a:phpmyadmin:phpmyadmin:4.5.0.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.4", "cpe:/o:fedoraproject:fedora:23", "cpe:/a:phpmyadmin:phpmyadmin:4.4.11", "cpe:/a:phpmyadmin:phpmyadmin:4.4.13.1"], "id": "CVE-2016-2040", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2040", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:04", "description": "libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences.", "edition": 4, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-02-20T01:59:00", "title": "CVE-2016-2041", "type": "cve", "cwe": ["CWE-254"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2041"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin:4.0.10.5", "cpe:/a:phpmyadmin:phpmyadmin:4.4.0", "cpe:/a:phpmyadmin:phpmyadmin:4.4.10", "cpe:/a:phpmyadmin:phpmyadmin:4.4.5", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.2", "cpe:/a:phpmyadmin:phpmyadmin:4.4.2", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.7", "cpe:/a:phpmyadmin:phpmyadmin:4.4.9", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.7", "cpe:/a:phpmyadmin:phpmyadmin:4.4.14.1", "cpe:/a:phpmyadmin:phpmyadmin:4.5.0.2", "cpe:/o:opensuse:opensuse:13.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.4", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.11", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.3", "cpe:/a:phpmyadmin:phpmyadmin:4.4.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.9", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15", "cpe:/a:phpmyadmin:phpmyadmin:4.4.13", "cpe:/a:phpmyadmin:phpmyadmin:4.4.1.1", "cpe:/o:opensuse:opensuse:13.2", "cpe:/a:phpmyadmin:phpmyadmin:4.5.2", "cpe:/a:phpmyadmin:phpmyadmin:4.5.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.8", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.1", "cpe:/a:phpmyadmin:phpmyadmin:4.5.0", "cpe:/a:phpmyadmin:phpmyadmin:4.4.3", "cpe:/o:opensuse:leap:42.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.10", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.12", "cpe:/a:phpmyadmin:phpmyadmin:4.0.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.3", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.8", "cpe:/a:phpmyadmin:phpmyadmin:4.4.6", "cpe:/a:phpmyadmin:phpmyadmin:4.5.3", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.6", "cpe:/a:phpmyadmin:phpmyadmin:4.4.12", "cpe:/a:phpmyadmin:phpmyadmin:4.0.0", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.2", "cpe:/a:phpmyadmin:phpmyadmin:4.4.6.1", "cpe:/o:fedoraproject:fedora:22", "cpe:/a:phpmyadmin:phpmyadmin:4.5.0.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.4", "cpe:/o:fedoraproject:fedora:23", "cpe:/a:phpmyadmin:phpmyadmin:4.4.11", "cpe:/a:phpmyadmin:phpmyadmin:4.4.13.1"], "id": "CVE-2016-2041", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2041", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:04", "description": "libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value.", "edition": 4, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-02-20T01:59:00", "title": "CVE-2016-2039", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2039"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin:4.0.10.5", "cpe:/a:phpmyadmin:phpmyadmin:4.4.0", "cpe:/a:phpmyadmin:phpmyadmin:4.4.10", "cpe:/a:phpmyadmin:phpmyadmin:4.4.5", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.2", "cpe:/a:phpmyadmin:phpmyadmin:4.4.2", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.7", "cpe:/a:phpmyadmin:phpmyadmin:4.4.9", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.7", "cpe:/a:phpmyadmin:phpmyadmin:4.4.14.1", "cpe:/a:phpmyadmin:phpmyadmin:4.5.0.2", "cpe:/o:opensuse:opensuse:13.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.4", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.11", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.3", "cpe:/a:phpmyadmin:phpmyadmin:4.4.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.9", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15", "cpe:/a:phpmyadmin:phpmyadmin:4.4.13", "cpe:/a:phpmyadmin:phpmyadmin:4.4.1.1", "cpe:/o:opensuse:opensuse:13.2", "cpe:/a:phpmyadmin:phpmyadmin:4.5.2", "cpe:/a:phpmyadmin:phpmyadmin:4.5.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.8", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.1", "cpe:/a:phpmyadmin:phpmyadmin:4.5.0", "cpe:/a:phpmyadmin:phpmyadmin:4.4.3", "cpe:/o:opensuse:leap:42.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.10", "cpe:/o:fedoraproject:fedora:24", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.12", "cpe:/a:phpmyadmin:phpmyadmin:4.0.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.3", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.8", "cpe:/a:phpmyadmin:phpmyadmin:4.4.6", "cpe:/a:phpmyadmin:phpmyadmin:4.5.3", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.6", "cpe:/a:phpmyadmin:phpmyadmin:4.4.12", "cpe:/a:phpmyadmin:phpmyadmin:4.0.0", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.2", "cpe:/a:phpmyadmin:phpmyadmin:4.4.6.1", "cpe:/a:phpmyadmin:phpmyadmin:4.5.0.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.4", "cpe:/o:fedoraproject:fedora:23", "cpe:/a:phpmyadmin:phpmyadmin:4.4.11", "cpe:/a:phpmyadmin:phpmyadmin:4.4.13.1"], "id": "CVE-2016-2039", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2039", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:04", "description": "The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach.", "edition": 4, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-02-20T01:59:00", "title": "CVE-2016-1927", "type": "cve", "cwe": ["CWE-255", "CWE-254"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1927"], "modified": "2016-11-28T20:02:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin:4.0.10.5", "cpe:/a:phpmyadmin:phpmyadmin:4.4.0", "cpe:/a:phpmyadmin:phpmyadmin:4.4.10", "cpe:/a:phpmyadmin:phpmyadmin:4.4.5", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.2", "cpe:/a:phpmyadmin:phpmyadmin:4.4.2", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.7", "cpe:/a:phpmyadmin:phpmyadmin:4.4.9", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.7", "cpe:/a:phpmyadmin:phpmyadmin:4.4.14.1", "cpe:/a:phpmyadmin:phpmyadmin:4.5.0.2", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.4", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.11", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.3", "cpe:/a:phpmyadmin:phpmyadmin:4.4.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.9", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15", "cpe:/a:phpmyadmin:phpmyadmin:4.4.13", "cpe:/a:phpmyadmin:phpmyadmin:4.4.1.1", "cpe:/a:phpmyadmin:phpmyadmin:4.5.2", "cpe:/a:phpmyadmin:phpmyadmin:4.5.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.8", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.1", "cpe:/a:phpmyadmin:phpmyadmin:4.5.0", "cpe:/a:phpmyadmin:phpmyadmin:4.4.3", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.10", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.12", "cpe:/a:phpmyadmin:phpmyadmin:4.0.1", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.3", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.8", "cpe:/a:phpmyadmin:phpmyadmin:4.4.6", "cpe:/a:phpmyadmin:phpmyadmin:4.5.3", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.6", "cpe:/a:phpmyadmin:phpmyadmin:4.4.12", "cpe:/a:phpmyadmin:phpmyadmin:4.0.0", "cpe:/a:phpmyadmin:phpmyadmin:4.0.10.2", "cpe:/a:phpmyadmin:phpmyadmin:4.4.6.1", "cpe:/a:phpmyadmin:phpmyadmin:4.5.0.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.4", "cpe:/a:phpmyadmin:phpmyadmin:4.4.11", "cpe:/a:phpmyadmin:phpmyadmin:4.4.13.1"], "id": "CVE-2016-1927", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1927", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.12:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.11:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.0.10.5:*:*:*:*:*:*:*"]}], "debian": [{"lastseen": "2019-05-30T02:22:29", "bulletinFamily": "unix", "cvelist": ["CVE-2016-2040", "CVE-2016-2038", "CVE-2016-1927", "CVE-2016-2560", "CVE-2016-2039", "CVE-2016-2041", "CVE-2016-2045"], "description": "Package : phpmyadmin\nVersion : 4:3.4.11.1-2+deb7u4\nCVE ID : CVE-2016-1927 CVE-2016-2038 CVE-2016-2039 CVE-2016-2040 \n CVE-2016-2041 CVE-2016-2045 CVE-2016-2560\nDebian Bug : 825301\n\nThe previous security upload broke the search pages in phpMyAdmin. This\nwas caused by a broken patch applied to fix CVE-2016-2040.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n4:3.4.11.1-2+deb7u4.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 2, "modified": "2016-05-30T18:36:40", "published": "2016-05-30T18:36:40", "id": "DEBIAN:DLA-481-2:3E1D6", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201605/msg00048.html", "title": "[SECURITY] [DLA 481-2] phpmyadmin regression update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-08-12T00:51:14", "bulletinFamily": "unix", "cvelist": ["CVE-2016-2040", "CVE-2016-2038", "CVE-2016-1927", "CVE-2016-2560", "CVE-2016-2039", "CVE-2016-2041", "CVE-2016-2045"], "description": "Package : phpmyadmin\nVersion : 4:3.4.11.1-2+deb7u3\nCVE ID : CVE-2016-1927 CVE-2016-2038 CVE-2016-2039 CVE-2016-2040 \n CVE-2016-2041 CVE-2016-2045 CVE-2016-2560\n\nThis security update fixes a number of security issues in\nphpMyAdmin. We recommend you upgrade your phpmyadmin packages.\n\nCVE-2016-1927\n\n suggestPassword generates weak passphrases\n\nCVE-2016-2038\n\n information disclosure via crafted requests\n\nCVE-2016-2039\n\n weak CSRF token values\n\nCVE-2016-2040\n\n XSS vulnerabilities in authenticated users\n\nCVE-2016-2041\n\n information breach in CSRF token comparison\n\nCVE-2016-2045\n\n XSS injection via crafted SQL queries\n\nCVE-2016-2560\n \n XSS injection\n\nFurther information about Debian LTS security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 6, "modified": "2016-05-18T18:59:39", "published": "2016-05-18T18:59:39", "id": "DEBIAN:DLA-481-1:91517", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201605/msg00033.html", "title": "[SECURITY] [DLA 481-1] phpmyadmin security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-08-12T01:01:03", "bulletinFamily": "unix", "cvelist": ["CVE-2016-2039", "CVE-2016-2041"], "description": "Package : phpmyadmin\nVersion : 4:3.3.7-11\nCVE ID : CVE-2016-2039 CVE-2016-2041\n\nSeveral flaws were discovered in the CSRF authentication code of\nphpMyAdmin.\n\nCVE-2016-2039\n\n The XSRF/CSRF token is generated with a weak algorithm using\n functions that do not return cryptographically secure values.\n\nCVE-2016-2041\n\n The comparison of the XSRF/CSRF token parameter with the value saved\n in the session is vulnerable to timing attacks. Moreover, the\n comparison could be bypassed if the XSRF/CSRF token matches a\n particular pattern.\n", "edition": 8, "modified": "2016-01-30T23:02:30", "published": "2016-01-30T23:02:30", "id": "DEBIAN:DLA-406-1:87E3E", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201601/msg00031.html", "title": "[SECURITY] [DLA 406-1] phpmyadmin security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-30T02:22:29", "bulletinFamily": "unix", "cvelist": ["CVE-2016-2040", "CVE-2016-5701", "CVE-2016-5731", "CVE-2016-2561", "CVE-2016-5705", "CVE-2016-1927", "CVE-2016-5099", "CVE-2016-2560", "CVE-2016-2039", "CVE-2016-5733", "CVE-2016-2041", "CVE-2016-5739", "CVE-2016-5706"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3627-1 security@debian.org\nhttps://www.debian.org/security/ Thijs Kinkhorst\nJuly 24, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : phpmyadmin\nCVE ID : CVE-2016-1927 CVE-2016-2039 CVE-2016-2040 CVE-2016-2041 \n CVE-2016-2560 CVE-2016-2561 CVE-2016-5099 CVE-2016-5701\n CVE-2016-5705 CVE-2016-5706 CVE-2016-5731 CVE-2016-5733\n CVE-2016-5739\n\nSeveral vulnerabilities have been fixed in phpMyAdmin, the web-based\nMySQL administration interface.\n\nCVE-2016-1927\n\n The suggestPassword function relied on a non-secure random number\n generator which makes it easier for remote attackers to guess\n generated passwords via a brute-force approach.\n\nCVE-2016-2039\n\n CSRF token values were generated by a non-secure random number\n genrator, which allows remote attackers to bypass intended access\n restrictions by predicting a value.\n\nCVE-2016-2040\n\n Multiple cross-site scripting (XSS) vulnerabilities allow remote\n authenticated users to inject arbitrary web script or HTML.\n\nCVE-2016-2041\n\n phpMyAdmin does not use a constant-time algorithm for comparing\n CSRF tokens, which makes it easier for remote attackers to bypass\n intended access restrictions by measuring time differences.\n\nCVE-2016-2560\n\n Multiple cross-site scripting (XSS) vulnerabilities allow remote\n attackers to inject arbitrary web script or HTML.\n\nCVE-2016-2561\n\n Multiple cross-site scripting (XSS) vulnerabilities allow remote\n attackers to inject arbitrary web script or HTML.\n\nCVE-2016-5099\n\n Multiple cross-site scripting (XSS) vulnerabilities allow remote\n attackers to inject arbitrary web script or HTML.\n\nCVE-2016-5701\n\n For installations running on plain HTTP, phpMyAdmin allows remote\n attackers to conduct BBCode injection attacks against HTTP sessions\n via a crafted URI.\n\nCVE-2016-5705\n\n Multiple cross-site scripting (XSS) vulnerabilities allow remote\n attackers to inject arbitrary web script or HTML.\n\nCVE-2016-5706\n\n phpMyAdmin allows remote attackers to cause a denial of service\n (resource consumption) via a large array in the scripts parameter.\n\nCVE-2016-5731\n\n A cross-site scripting (XSS) vulnerability allows remote\n attackers to inject arbitrary web script or HTML.\n\nCVE-2016-5733\n\n Multiple cross-site scripting (XSS) vulnerabilities allow remote\n attackers to inject arbitrary web script or HTML.\n\nCVE-2016-5739\n\n A specially crafted Transformation could leak information which\n a remote attacker could use to perform cross site request forgeries.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 4:4.2.12-2+deb8u2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4:4.6.3-1.\n\nWe recommend that you upgrade your phpmyadmin packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "modified": "2016-07-24T16:03:48", "published": "2016-07-24T16:03:48", "id": "DEBIAN:DSA-3627-1:EBE43", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00205.html", "title": "[SECURITY] [DSA 3627-1] phpmyadmin security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "typo3": [{"lastseen": "2016-09-28T15:30:36", "bulletinFamily": "software", "cvelist": ["CVE-2016-2040", "CVE-2016-2042", "CVE-2016-2038", "CVE-2016-2043", "CVE-2015-8669", "CVE-2016-1927", "CVE-2016-2039", "CVE-2016-2041"], "edition": 1, "description": "It has been discovered that the extension \"phpMyAdmin\" (phpmyadmin) is susceptible to unsafe comparison of XSRF/CSRF token, multiple full path disclosure vulnerabilities, multiple XSS vulnerabilities, insecure password generation in JavaScript.\n\n**Release Date:** March 10, 2016\n\n**Component Type:** Third party extension. This extension is not a part of the TYPO3 default installation.\n\n**Affected Versions:** 5.1.4 and below\n\n**Vulnerability Type:** Unsafe Comparison of XSRF/CSRF token, Full Path Disclosure, Cross-Site Scripting, Insecure Password Generation\n\n**Severity:** High\n\n**Suggested CVSS v2.0:** [AV:N/AC:M/Au:S/C:C/I:C/A:P/E:ND/RL:O/RC:C](<http://jvnrss.ise.chuo-u.ac.jp/jtg/cvss/cvss2.cgi?vector=%28AV:N/AC:M/Au:S/C:C/I:C/A:P/E:ND/RL:O/RC:C%29&g=2&lang=en> \"CVSS calculator\" ) ([What's that?](<http://buzz.typo3.org/teams/security/article/use-of-common-vulnerability-scoring-system-in-typo3-security-advisories/> \"Blog post on CVSS usage\" ))\n\n**References:** [PMASA-2016-2](<https://www.phpmyadmin.net/security/PMASA-2016-2/>), [PMASA-2016-5](<https://www.phpmyadmin.net/security/PMASA-2016-5/>) (XSRF/CSRF), [PMASA-2015-6](<https://www.phpmyadmin.net/security/PMASA-2015-6/>), [PMASA-2016-1](<https://www.phpmyadmin.net/security/PMASA-2016-1/>), [PMASA-2016-6](<https://www.phpmyadmin.net/security/PMASA-2016-6/>) (FPD), [PMASA-2016-3](<https://www.phpmyadmin.net/security/PMASA-2016-3/>), [PMASA-2016-7](<https://www.phpmyadmin.net/security/PMASA-2016-7/>) (XSS) and [PMASA-2016-4](<https://www.phpmyadmin.net/security/PMASA-2016-4/>) (IPG)\n\n**Related CVE:** CVE-2016-2039, CVE-2016-2041 (XSRF/CSRF), CVE-2015-8669, CVE-2016-2038, CVE-2016-2042 (FPD), CVE-2016-2040, CVE-2016-2043 (XSS) and CVE-2016-1927 (IPG)\n\n**Problem Description:** Due to missing and wrong user input validation phpMyAdmin is susceptible to multiple vulnerabilities.\n\n**Solution:** An updated version 5.1.5 is available from the TYPO3 extension manager and at <https://typo3.org/extensions/repository/download/phpmyadmin/5.1.5/t3x/>. Users of the extension are advised to update the extension as soon as possible.\n\n**Note:** In general the TYPO3 Security Team recommends to **not use** any extension that bundles database or file management tools on production TYPO3 websites.\n\n**Credits:** Thanks to Andreas Beutel for providing a TYPO3 extension package with an updated phpMyAdmin version.\n\n**General advice:** Follow the recommendations that are given in the [TYPO3 Security Guide](<http://docs.typo3.org/typo3cms/SecurityGuide/> \"Initiates file download\" ). Please subscribe to the [typo3-announce mailing list](<http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-announce> \"Opens external link in new window\" ) to receive future Security Bulletins via E-mail.\n", "modified": "2016-03-10T00:00:00", "published": "2016-03-10T00:00:00", "id": "TYPO3-EXT-SA-2016-007", "href": "https://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2016-007/", "type": "typo3", "title": "Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1927", "CVE-2016-2038", "CVE-2016-2039", "CVE-2016-2040", "CVE-2016-2041", "CVE-2016-2042", "CVE-2016-2043", "CVE-2016-2044", "CVE-2016-2045"], "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, index es, users, permissions), while you still have the ability to directly execute a ny SQL statement. Features include an intuitive web interface, support for most MySQL features (browse and drop databases, tables, views, fields and indexes, create, copy, drop, rename and alter databases, tables, fields and indexes, maintenance server, databases and tables, with proposals on server configuration, execu te, edit and bookmark any SQL-statement, even batch-queries, manage MySQL users and privileges, manage stored procedures and triggers), import data from CSV and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument T ext and Spreadsheet, Word, Excel, LATEX and others, administering multiple serv ers, creating PDF graphics of your database layout, creating complex queries usi ng Query-by-example (QBE), searching globally in a database or a subset of it, transforming stored data into any format using a set of predefined function s, like displaying BLOB-data as image or download-link and much more... ", "modified": "2016-02-03T20:52:02", "published": "2016-02-03T20:52:02", "id": "FEDORA:4F6D8619640B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: phpMyAdmin-4.5.4.1-1.fc23", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1927", "CVE-2016-2038", "CVE-2016-2039", "CVE-2016-2040", "CVE-2016-2041", "CVE-2016-2042", "CVE-2016-2043", "CVE-2016-2044", "CVE-2016-2045"], "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, index es, users, permissions), while you still have the ability to directly execute a ny SQL statement. Features include an intuitive web interface, support for most MySQL features (browse and drop databases, tables, views, fields and indexes, create, copy, drop, rename and alter databases, tables, fields and indexes, maintenance server, databases and tables, with proposals on server configuration, execu te, edit and bookmark any SQL-statement, even batch-queries, manage MySQL users and privileges, manage stored procedures and triggers), import data from CSV and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument T ext and Spreadsheet, Word, Excel, LATEX and others, administering multiple serv ers, creating PDF graphics of your database layout, creating complex queries usi ng Query-by-example (QBE), searching globally in a database or a subset of it, transforming stored data into any format using a set of predefined function s, like displaying BLOB-data as image or download-link and much more... ", "modified": "2016-02-01T06:34:04", "published": "2016-02-01T06:34:04", "id": "FEDORA:051106087A81", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: phpMyAdmin-4.5.4-1.fc22", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "f5": [{"lastseen": "2017-06-08T00:16:36", "bulletinFamily": "software", "cvelist": ["CVE-2016-2040", "CVE-2016-2042", "CVE-2016-2038", "CVE-2016-2044", "CVE-2016-2043", "CVE-2016-1927", "CVE-2016-2039", "CVE-2016-2041", "CVE-2016-2045"], "edition": 1, "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None \n| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| Not vulnerable| None \n \nBIG-IP AAM| None| 12.0.0 \n11.4.0 - 11.6.0 \n| Not vulnerable| None \n \nBIG-IP AFM| None| 12.0.0 \n11.3.0 - 11.6.0 \n| Not vulnerable| None \n \nBIG-IP Analytics| None| 12.0.0 \n11.0.0 - 11.6.0 \n| Not vulnerable| None \n \nBIG-IP APM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| Not vulnerable| None \n \nBIG-IP ASM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| Not vulnerable \n| None \n \nBIG-IP DNS| None| 12.0.0 \n| Not vulnerable \n| None \n \nBIG-IP Edge Gateway| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 \n| Not vulnerable| None \n \nBIG-IP GTM| None| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| Not vulnerable| None \n \nBIG-IP Link Controller| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 \n| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 \n11.3.0 - 11.6.0 \n| Not vulnerable \n| None \n \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 \n| Not vulnerable \n| None \n \nBIG-IP WebAccelerator| None \n| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 \n| Not vulnerable| None \n \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 \n| Not vulnerable \n| None \n \nARX| None| 6.0.0 - 6.4.0 \n| Not vulnerable \n| None \n \nEnterprise Manager| None| 3.0.0 - 3.1.1 \n| Not vulnerable| None \n \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0 \n| Not vulnerable| None \n \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0 \n| Not vulnerable| None \n \nBIG-IQ Device| None| 4.2.0 - 4.5.0 \n| Not vulnerable| None \n \nBIG-IQ Security| None| 4.0.0 - 4.5.0 \n| Not vulnerable \n| None \n \nBIG-IQ ADC| None| 4.5.0 \n| Not vulnerable| None \n \nBIG-IQ Centralized Management| None| 4.6.0 \n| Not vulnerable| None \n \nBIG-IQ Cloud and Orchestration| None| 1.0.0 \n| Not vulnerable| None \n \nLineRate| None| 2.5.0 - 2.6.1 \n| Not vulnerable| None \n \nF5 WebSafe| None| 1.0.0 \n| Not vulnerable| None \n \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1 \n \n| Not vulnerable \n| None \n\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2016-02-29T21:58:00", "published": "2016-02-29T21:58:00", "href": "https://support.f5.com/csp/article/K93445609", "id": "F5:K93445609", "title": "phpMyAdmin vulnerabilities", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-11-09T00:09:35", "bulletinFamily": "software", "cvelist": ["CVE-2016-2040", "CVE-2016-2042", "CVE-2016-2038", "CVE-2016-2044", "CVE-2016-2043", "CVE-2016-1927", "CVE-2016-2039", "CVE-2016-2041", "CVE-2016-2045"], "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "edition": 1, "modified": "2016-02-29T00:00:00", "published": "2016-02-29T00:00:00", "id": "SOL93445609", "href": "http://support.f5.com/kb/en-us/solutions/public/k/93/sol93445609.html", "type": "f5", "title": "SOL93445609 - phpMyAdmin vulnerabilities", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:51", "bulletinFamily": "unix", "cvelist": ["CVE-2016-2038"], "description": "\nThe phpMyAdmin development team reports:\n\nBy calling some scripts that are part of phpMyAdmin in an\n\t unexpected way, it is possible to trigger phpMyAdmin to\n\t display a PHP error message which contains the full path of\n\t the directory where phpMyAdmin is installed.\nWe consider these vulnerabilities to be non-critical.\nThis path disclosure is possible on servers where the\n\t recommended setting of the PHP configuration directive\n\t display_errors is set to on, which is against the\n\t recommendations given in the PHP manual for a production\n\t server.\n\n", "edition": 4, "modified": "2016-01-28T00:00:00", "published": "2016-01-28T00:00:00", "id": "5D6A204F-C60B-11E5-BF36-6805CA0B3D42", "href": "https://vuxml.freebsd.org/freebsd/5d6a204f-c60b-11e5-bf36-6805ca0b3d42.html", "title": "phpmyadmin -- Multiple full path disclosure vulnerabilities", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:32:51", "bulletinFamily": "unix", "cvelist": ["CVE-2016-2040"], "description": "\nThe phpMyAdmin development team reports:\n\n\nWith a crafted table name it is possible to trigger\n\t an XSS attack in the database search page.\nWith a crafted SET value or a crafted search query, it\n\t is possible to trigger an XSS attacks in the zoom search\n\t page.\nWith a crafted hostname header, it is possible to\n\t trigger an XSS attacks in the home page.\n\nWe consider these vulnerabilities to be non-critical.\nThese vulnerabilities can be triggered only by someone\n\t who is logged in to phpMyAdmin, as the usual token\n\t protection prevents non-logged-in users from accessing the\n\t required pages.\n\n", "edition": 4, "modified": "2016-01-28T00:00:00", "published": "2016-01-28T00:00:00", "id": "6CC06EEC-C60B-11E5-BF36-6805CA0B3D42", "href": "https://vuxml.freebsd.org/freebsd/6cc06eec-c60b-11e5-bf36-6805ca0b3d42.html", "title": "phpmyadmin -- Multiple XSS vulnerabilities", "type": "freebsd", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:32:51", "bulletinFamily": "unix", "cvelist": ["CVE-2016-2041"], "description": "\nThe phpMyAdmin development team reports:\n\nThe comparison of the XSRF/CSRF token parameter with the\n\t value saved in the session is vulnerable to timing\n\t attacks. Moreover, the comparison could be bypassed if the\n\t XSRF/CSRF token matches a particular pattern.\nWe consider this vulnerability to be serious.\n\n", "edition": 4, "modified": "2016-01-28T00:00:00", "published": "2016-01-28T00:00:00", "id": "71B24D99-C60B-11E5-BF36-6805CA0B3D42", "href": "https://vuxml.freebsd.org/freebsd/71b24d99-c60b-11e5-bf36-6805ca0b3d42.html", "title": "phpmyadmin -- Unsafe comparison of XSRF/CSRF token", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:32:51", "bulletinFamily": "unix", "cvelist": ["CVE-2016-2039"], "description": "\nThe phpMyAdmin development team reports:\n\nThe XSRF/CSRF token is generated with a weak algorithm\n\t using functions that do not return cryptographically secure\n\t values.\nWe consider this vulnerability to be non-critical.\n\n", "edition": 4, "modified": "2016-01-28T00:00:00", "published": "2016-01-28T00:00:00", "id": "60AB0E93-C60B-11E5-BF36-6805CA0B3D42", "href": "https://vuxml.freebsd.org/freebsd/60ab0e93-c60b-11e5-bf36-6805ca0b3d42.html", "title": "phpmyadmin -- Unsafe generation of XSRF/CSRF token", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:32:51", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1927"], "description": "\nThe phpMyAdmin development team reports:\n\nPassword suggestion functionality uses Math.random()\n\t which does not provide cryptographically secure random\n\t numbers.\nWe consider this vulnerability to be non-critical.\n\n", "edition": 4, "modified": "2016-01-28T00:00:00", "published": "2016-01-28T00:00:00", "id": "6F0C2D1B-C60B-11E5-BF36-6805CA0B3D42", "href": "https://vuxml.freebsd.org/freebsd/6f0c2d1b-c60b-11e5-bf36-6805ca0b3d42.html", "title": "phpmyadmin -- Insecure password generation in JavaScript", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "phpmyadmin": [{"lastseen": "2019-05-29T19:31:00", "bulletinFamily": "software", "cvelist": ["CVE-2016-2038"], "description": "## PMASA-2016-1\n\n**Announcement-ID:** PMASA-2016-1\n\n**Date:** 2016-01-23\n\n### Summary\n\nMultiple full path disclosure vulnerabilities.\n\n### Description\n\nBy calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed.\n\n### Severity\n\nWe consider these vulnerabilities to be non-critical.\n\n### Mitigation factor\n\nThis path disclosure is possible on servers where the recommended setting of the PHP configuration directive display_errors is set to on, which is against the recommendations given in the PHP manual for a production server.\n\n### Affected Versions\n\nVersions 4.0.x (prior to 4.0.10.13), 4.4.x (prior to 4.4.15.3) and 4.5.x (prior to 4.5.4) are affected.\n\n### Solution\n\nUpgrade to phpMyAdmin 4.0.10.13 or newer, 4.4.15.3 or newer, 4.5.4 or newer or apply patch listed below.\n\n### References\n\nThanks to Emanuel Bronshtein [@e3amn2l](<https://twitter.com/e3amn2l>) for reporting these vulnerabilities.\n\nAssigned CVE ids: [CVE-2016-2038](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2038>)\n\nCWE ids: [CWE-661](<https://cwe.mitre.org/data/definitions/661.html>) [CWE-200](<https://cwe.mitre.org/data/definitions/200.html>)\n\n### Patches\n\nThe following commits have been made on the 4.0 branch to fix this issue:\n\n * [ac81596bfcf0b3cae9f6bc821efa4aa1c7f0c81d](<https://github.com/phpmyadmin/phpmyadmin/commit/ac81596bfcf0b3cae9f6bc821efa4aa1c7f0c81d>)\n * [8023340a259ecae6a3bd9268f4e39d097bdf0146](<https://github.com/phpmyadmin/phpmyadmin/commit/8023340a259ecae6a3bd9268f4e39d097bdf0146>)\n * [215f4a8ebe717ba646be00fca8519cf768a902f5](<https://github.com/phpmyadmin/phpmyadmin/commit/215f4a8ebe717ba646be00fca8519cf768a902f5>)\n * [7056ca9458d26b24a6b1d9255073237c1636ca33](<https://github.com/phpmyadmin/phpmyadmin/commit/7056ca9458d26b24a6b1d9255073237c1636ca33>)\n * [25738352df8057b542eeac3237eb6fd1d3ba4289](<https://github.com/phpmyadmin/phpmyadmin/commit/25738352df8057b542eeac3237eb6fd1d3ba4289>)\n * [5b79467245b6e0a476775e2958b42088794f8e02](<https://github.com/phpmyadmin/phpmyadmin/commit/5b79467245b6e0a476775e2958b42088794f8e02>)\n\nThe following commits have been made on the 4.4 branch to fix this issue:\n\n * [b39c02b0a82b13d2198276d228051139e6b838d9](<https://github.com/phpmyadmin/phpmyadmin/commit/b39c02b0a82b13d2198276d228051139e6b838d9>)\n * [470cd68344e86915679356dcc2cdb88c63a1d91d](<https://github.com/phpmyadmin/phpmyadmin/commit/470cd68344e86915679356dcc2cdb88c63a1d91d>)\n * [b95360334d69b032b58cafb7d29db6670e9c7224](<https://github.com/phpmyadmin/phpmyadmin/commit/b95360334d69b032b58cafb7d29db6670e9c7224>)\n * [d63a8ab7e028925707902266fc989760118a4c72](<https://github.com/phpmyadmin/phpmyadmin/commit/d63a8ab7e028925707902266fc989760118a4c72>)\n * [879a14ad165b475ec58ceab33687d7cc5913a63b](<https://github.com/phpmyadmin/phpmyadmin/commit/879a14ad165b475ec58ceab33687d7cc5913a63b>)\n * [d0a9baef3728a37120d53dc0a96abf04ace139da](<https://github.com/phpmyadmin/phpmyadmin/commit/d0a9baef3728a37120d53dc0a96abf04ace139da>)\n\nThe following commits have been made on the 4.5 branch to fix this issue:\n\n * [5aee5035646c4fc617564cb0d3d58c0435d64d81](<https://github.com/phpmyadmin/phpmyadmin/commit/5aee5035646c4fc617564cb0d3d58c0435d64d81>)\n * [85ccdbb5b9c6c7a9830e5cb468662837a59a7aa3](<https://github.com/phpmyadmin/phpmyadmin/commit/85ccdbb5b9c6c7a9830e5cb468662837a59a7aa3>)\n * [447c88f4884fe30a25d38c331c31d820a19f8c93](<https://github.com/phpmyadmin/phpmyadmin/commit/447c88f4884fe30a25d38c331c31d820a19f8c93>)\n * [f83b52737e321005959497d8e8f59f8aaedc9048](<https://github.com/phpmyadmin/phpmyadmin/commit/f83b52737e321005959497d8e8f59f8aaedc9048>)\n * [76b10187c38634a29d6780f99f6dcd796191073b](<https://github.com/phpmyadmin/phpmyadmin/commit/76b10187c38634a29d6780f99f6dcd796191073b>)\n * [d4b9c22c1f8465bda5b6a83dc7e2cf59c3fe44e1](<https://github.com/phpmyadmin/phpmyadmin/commit/d4b9c22c1f8465bda5b6a83dc7e2cf59c3fe44e1>)\n\n### More information\n\nFor further information and in case of questions, please contact the phpMyAdmin team. Our website is [ phpmyadmin.net](<https://www.phpmyadmin.net/>). \n", "edition": 2, "modified": "2016-01-23T00:00:00", "published": "2016-01-23T00:00:00", "id": "PHPMYADMIN:PMASA-2016-1", "href": "https://www.phpmyadmin.net/security/PMASA-2016-1/", "title": "Multiple full path disclosure vulnerabilities.", "type": "phpmyadmin", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T19:31:06", "bulletinFamily": "software", "cvelist": ["CVE-2016-2040"], "description": "## PMASA-2016-3\n\n**Announcement-ID:** PMASA-2016-3\n\n**Date:** 2016-01-24\n\n### Summary\n\nMultiple XSS vulnerabilities.\n\n### Description\n\n * With a crafted table name it is possible to trigger an XSS attack in the database search page. \n * With a crafted SET value or a crafted search query, it is possible to trigger an XSS attacks in the zoom search page. \n * With a crafted hostname header, it is possible to trigger an XSS attacks in the home page. \n\n### Severity\n\nWe consider these vulnerabilities to be non-critical.\n\n### Mitigation factor\n\nThese vulnerabilities can be triggered only by someone who is logged in to phpMyAdmin, as the usual token protection prevents non-logged-in users from accessing the required pages.\n\n### Affected Versions\n\nVersions 4.0.x (prior to 4.0.10.13), 4.4.x (prior to 4.4.15.3) and 4.5.x (prior to 4.5.4) are affected.\n\n### Solution\n\nUpgrade to phpMyAdmin 4.0.10.13 or newer, 4.4.15.3 or newer, 4.5.4 or newer or apply patch listed below.\n\n### References\n\nThanks to Emanuel Bronshtein [@e3amn2l](<https://twitter.com/e3amn2l>) for reporting these vulnerabilities.\n\nAssigned CVE ids: [CVE-2016-2040](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2040>)\n\nCWE ids: [CWE-661](<https://cwe.mitre.org/data/definitions/661.html>) [CWE-79](<https://cwe.mitre.org/data/definitions/79.html>)\n\n### Patches\n\nThe following commits have been made on the 4.0 branch to fix this issue:\n\n * [9f3488fc3ab6b83618dbb4bebbea4b973764e2ac](<https://github.com/phpmyadmin/phpmyadmin/commit/9f3488fc3ab6b83618dbb4bebbea4b973764e2ac>)\n * [0ce4fd2750491a54d27f94cc1403f9da21738aa6](<https://github.com/phpmyadmin/phpmyadmin/commit/0ce4fd2750491a54d27f94cc1403f9da21738aa6>)\n * [27eb98faedcdcd0b856577fcbdfe3e87b2445345](<https://github.com/phpmyadmin/phpmyadmin/commit/27eb98faedcdcd0b856577fcbdfe3e87b2445345>)\n\nThe following commits have been made on the 4.4 branch to fix this issue:\n\n * [2b3f915f72bfe7eb9ae60a69582f041ddc55f663](<https://github.com/phpmyadmin/phpmyadmin/commit/2b3f915f72bfe7eb9ae60a69582f041ddc55f663>)\n * [75de41635d387e1c3c8d71a746241502a90c8422](<https://github.com/phpmyadmin/phpmyadmin/commit/75de41635d387e1c3c8d71a746241502a90c8422>)\n * [1414d60cbfe01a2d08ab9d5e6a7178a6323fca68](<https://github.com/phpmyadmin/phpmyadmin/commit/1414d60cbfe01a2d08ab9d5e6a7178a6323fca68>)\n\nThe following commits have been made on the 4.5 branch to fix this issue:\n\n * [75a55824012406a08c4debf5ddb7ae41c32a7dbc](<https://github.com/phpmyadmin/phpmyadmin/commit/75a55824012406a08c4debf5ddb7ae41c32a7dbc>)\n * [edffb52884b09562490081c3b8666ef46c296418](<https://github.com/phpmyadmin/phpmyadmin/commit/edffb52884b09562490081c3b8666ef46c296418>)\n * [aca42efa01917cc0fe8cfdb2927a6399ca1742f2](<https://github.com/phpmyadmin/phpmyadmin/commit/aca42efa01917cc0fe8cfdb2927a6399ca1742f2>)\n\n### More information\n\nFor further information and in case of questions, please contact the phpMyAdmin team. Our website is [ phpmyadmin.net](<https://www.phpmyadmin.net/>). \n", "edition": 2, "modified": "2016-01-24T00:00:00", "published": "2016-01-24T00:00:00", "id": "PHPMYADMIN:PMASA-2016-3", "href": "https://www.phpmyadmin.net/security/PMASA-2016-3/", "title": "Multiple XSS vulnerabilities.", "type": "phpmyadmin", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T19:31:02", "bulletinFamily": "software", "cvelist": ["CVE-2016-2041"], "description": "## PMASA-2016-5\n\n**Announcement-ID:** PMASA-2016-5\n\n**Date:** 2016-01-24\n\n### Summary\n\nUnsafe comparison of XSRF/CSRF token.\n\n### Description\n\nThe comparison of the XSRF/CSRF token parameter with the value saved in the session is vulnerable to timing attacks. Moreover, the comparison could be bypassed if the XSRF/CSRF token matches a particular pattern.\n\n### Severity\n\nWe consider this vulnerability to be serious.\n\n### Affected Versions\n\nVersions 4.0.x (prior to 4.0.10.13), 4.4.x (prior to 4.4.15.3) and 4.5.x (prior to 4.5.4) are affected.\n\n### Solution\n\nUpgrade to phpMyAdmin 4.0.10.13 or newer, 4.4.15.3 or newer, 4.5.4 or newer or apply patch listed below.\n\n### References\n\nThanks to Emanuel Bronshtein [@e3amn2l](<https://twitter.com/e3amn2l>) for reporting this vulnerability.\n\nAssigned CVE ids: [CVE-2016-2041](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2041>)\n\nCWE ids: [CWE-661](<https://cwe.mitre.org/data/definitions/661.html>) [CWE-208](<https://cwe.mitre.org/data/definitions/208.html>)\n\n### Patches\n\nThe following commits have been made on the 4.0 branch to fix this issue:\n\n * [fe62b69a5b032de8e1d9d0a04456c1cecf46428c](<https://github.com/phpmyadmin/phpmyadmin/commit/fe62b69a5b032de8e1d9d0a04456c1cecf46428c>)\n\nThe following commits have been made on the 4.4 branch to fix this issue:\n\n * [3303b3d6c304d71da4a7d242307bf449aaa955c5](<https://github.com/phpmyadmin/phpmyadmin/commit/3303b3d6c304d71da4a7d242307bf449aaa955c5>)\n\nThe following commits have been made on the 4.5 branch to fix this issue:\n\n * [ec0e88e37ef30a66eada1c072953f4ec385a3e49](<https://github.com/phpmyadmin/phpmyadmin/commit/ec0e88e37ef30a66eada1c072953f4ec385a3e49>)\n\n### More information\n\nFor further information and in case of questions, please contact the phpMyAdmin team. Our website is [ phpmyadmin.net](<https://www.phpmyadmin.net/>). \n", "edition": 2, "modified": "2016-01-24T00:00:00", "published": "2016-01-24T00:00:00", "id": "PHPMYADMIN:PMASA-2016-5", "href": "https://www.phpmyadmin.net/security/PMASA-2016-5/", "title": "Unsafe comparison of XSRF/CSRF token.", "type": "phpmyadmin", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T19:31:05", "bulletinFamily": "software", "cvelist": ["CVE-2016-2039"], "description": "## PMASA-2016-2\n\n**Announcement-ID:** PMASA-2016-2\n\n**Date:** 2016-01-24\n\n### Summary\n\nUnsafe generation of XSRF/CSRF token.\n\n### Description\n\nThe XSRF/CSRF token is generated with a weak algorithm using functions that do not return cryptographically secure values.\n\n### Severity\n\nWe consider this vulnerability to be non-critical.\n\n### Affected Versions\n\nVersions 4.0.x (prior to 4.0.10.13), 4.4.x (prior to 4.4.15.3) and 4.5.x (prior to 4.5.4) are affected.\n\n### Solution\n\nUpgrade to phpMyAdmin 4.0.10.13 or newer, 4.4.15.3 or newer, 4.5.4 or newer or apply patch listed below.\n\n### References\n\nThanks to Emanuel Bronshtein [@e3amn2l](<https://twitter.com/e3amn2l>) for reporting this vulnerability.\n\nAssigned CVE ids: [CVE-2016-2039](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2039>)\n\nCWE ids: [CWE-661](<https://cwe.mitre.org/data/definitions/661.html>) [CWE-338](<https://cwe.mitre.org/data/definitions/338.html>)\n\n### Patches\n\nThe following commits have been made on the 4.0 branch to fix this issue:\n\n * [6fe54dfa000dd6f43f237e859781fad7111ac1bd](<https://github.com/phpmyadmin/phpmyadmin/commit/6fe54dfa000dd6f43f237e859781fad7111ac1bd>)\n\nThe following commits have been made on the 4.4 branch to fix this issue:\n\n * [91638c04d1f2c3977560a5b9db3ac3879a38691b](<https://github.com/phpmyadmin/phpmyadmin/commit/91638c04d1f2c3977560a5b9db3ac3879a38691b>)\n * [13384f7f47dadb02cfe950af0413c7d3e136df8e](<https://github.com/phpmyadmin/phpmyadmin/commit/13384f7f47dadb02cfe950af0413c7d3e136df8e>)\n\nThe following commits have been made on the 4.5 branch to fix this issue:\n\n * [f20970d32c3dfdf82aef7b6c244da1f769043813](<https://github.com/phpmyadmin/phpmyadmin/commit/f20970d32c3dfdf82aef7b6c244da1f769043813>)\n * [cb7748ac9cffcd1cd0f3081499cd4aafa9d1065e](<https://github.com/phpmyadmin/phpmyadmin/commit/cb7748ac9cffcd1cd0f3081499cd4aafa9d1065e>)\n\n### More information\n\nFor further information and in case of questions, please contact the phpMyAdmin team. Our website is [ phpmyadmin.net](<https://www.phpmyadmin.net/>). \n", "edition": 2, "modified": "2016-01-24T00:00:00", "published": "2016-01-24T00:00:00", "id": "PHPMYADMIN:PMASA-2016-2", "href": "https://www.phpmyadmin.net/security/PMASA-2016-2/", "title": "Unsafe generation of XSRF/CSRF token.", "type": "phpmyadmin", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T19:30:59", "bulletinFamily": "software", "cvelist": ["CVE-2016-1927"], "description": "## PMASA-2016-4\n\n**Announcement-ID:** PMASA-2016-4\n\n**Date:** 2016-01-24\n\n### Summary\n\nInsecure password generation in JavaScript.\n\n### Description\n\nPassword suggestion functionality uses Math.random() which does not provide cryptographically secure random numbers.\n\n### Severity\n\nWe consider this vulnerability to be non-critical.\n\n### Affected Versions\n\nVersions 4.0.x (prior to 4.0.10.13), 4.4.x (prior to 4.4.15.3) and 4.5.x (prior to 4.5.4) are affected.\n\n### Solution\n\nUpgrade to phpMyAdmin 4.0.10.13 or newer, 4.4.15.3 or newer, 4.5.4 or newer or apply patch listed below.\n\n### References\n\nThanks to Emanuel Bronshtein [@e3amn2l](<https://twitter.com/e3amn2l>) for reporting this vulnerability.\n\nAssigned CVE ids: [CVE-2016-1927](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1927>)\n\nCWE ids: [CWE-661](<https://cwe.mitre.org/data/definitions/661.html>) [CWE-338](<https://cwe.mitre.org/data/definitions/338.html>)\n\n### Patches\n\nThe following commits have been made on the 4.0 branch to fix this issue:\n\n * [6a96e67487f2faecb4de4204fee9b96b94020720](<https://github.com/phpmyadmin/phpmyadmin/commit/6a96e67487f2faecb4de4204fee9b96b94020720>)\n * [2369daa7f5f550797f560e6b46a021e4558c2d72](<https://github.com/phpmyadmin/phpmyadmin/commit/2369daa7f5f550797f560e6b46a021e4558c2d72>)\n\nThe following commits have been made on the 4.4 branch to fix this issue:\n\n * [8b6737735be5787d0b98c6cdfe2c7e3131b1bc95](<https://github.com/phpmyadmin/phpmyadmin/commit/8b6737735be5787d0b98c6cdfe2c7e3131b1bc95>)\n * [5530a72e162fab442218486a90ff3365c96fde98](<https://github.com/phpmyadmin/phpmyadmin/commit/5530a72e162fab442218486a90ff3365c96fde98>)\n\nThe following commits have been made on the 4.5 branch to fix this issue:\n\n * [8dedcc1a175eb07debd4fe116407c43694c60b22](<https://github.com/phpmyadmin/phpmyadmin/commit/8dedcc1a175eb07debd4fe116407c43694c60b22>)\n * [912856b432d794201884c36e5f390d446339b6e4](<https://github.com/phpmyadmin/phpmyadmin/commit/912856b432d794201884c36e5f390d446339b6e4>)\n\n### More information\n\nFor further information and in case of questions, please contact the phpMyAdmin team. Our website is [ phpmyadmin.net](<https://www.phpmyadmin.net/>). \n", "edition": 2, "modified": "2016-01-24T00:00:00", "published": "2016-01-24T00:00:00", "id": "PHPMYADMIN:PMASA-2016-4", "href": "https://www.phpmyadmin.net/security/PMASA-2016-4/", "title": "Insecure password generation in JavaScript.", "type": "phpmyadmin", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}]}
