Fedora Update for phpMyAdmin FEDORA-2016-55261b6815
2016-06-08T00:00:00
ID OPENVAS:1361412562310808343 Type openvas Reporter Copyright (C) 2016 Greenbone Networks GmbH Modified 2019-03-15T00:00:00
Description
The remote host is missing an update for the
###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for phpMyAdmin FEDORA-2016-55261b6815
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.808343");
script_version("$Revision: 14223 $");
script_tag(name:"last_modification", value:"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $");
script_tag(name:"creation_date", value:"2016-06-08 15:52:28 +0200 (Wed, 08 Jun 2016)");
script_cve_id("CVE-2016-5097", "CVE-2016-5098", "CVE-2016-5099");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"qod_type", value:"package");
script_name("Fedora Update for phpMyAdmin FEDORA-2016-55261b6815");
script_tag(name:"summary", value:"The remote host is missing an update for the 'phpMyAdmin'
package(s) announced via the referenced advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"affected", value:"phpMyAdmin on Fedora 23");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_xref(name:"FEDORA", value:"2016-55261b6815");
script_xref(name:"URL", value:"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D6YVTA2PABIGAWSTWQFNEAZIEFWJ44ES");
script_tag(name:"solution_type", value:"VendorFix");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2016 Greenbone Networks GmbH");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC23");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
if(release == "FC23")
{
if ((res = isrpmvuln(pkg:"phpMyAdmin", rpm:"phpMyAdmin~4.6.2~1.fc23", rls:"FC23")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
{"id": "OPENVAS:1361412562310808343", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for phpMyAdmin FEDORA-2016-55261b6815", "description": "The remote host is missing an update for the ", "published": "2016-06-08T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808343", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D6YVTA2PABIGAWSTWQFNEAZIEFWJ44ES", "2016-55261b6815"], "cvelist": ["CVE-2016-5098", "CVE-2016-5097", "CVE-2016-5099"], "lastseen": "2019-05-29T18:35:22", "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2016-5098", "CVE-2016-5097", "CVE-2016-5099"]}, {"type": "nessus", "idList": ["FEDORA_2016-CD05BD994A.NASL", "FEDORA_2016-55261B6815.NASL", "FREEBSD_PKG_00EC1BE122BB11E69EAD6805CA0B3D42.NASL", "OPENSUSE-2016-712.NASL", "OPENSUSE-2016-655.NASL", "FEDORA_2016-E3240782EC.NASL", "GENTOO_GLSA-201701-32.NASL", "DEBIAN_DSA-3627.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703627", "OPENVAS:1361412562310808324", "OPENVAS:1361412562310808449", "OPENVAS:1361412562310808252", "OPENVAS:1361412562310808254", "OPENVAS:1361412562310808253", "OPENVAS:703627"]}, {"type": "fedora", "idList": ["FEDORA:B6C2D60874A5", "FEDORA:3B02C608B7CC", "FEDORA:C745060D01F7"]}, {"type": "freebsd", "idList": ["00EC1BE1-22BB-11E6-9EAD-6805CA0B3D42"]}, {"type": "phpmyadmin", "idList": ["PHPMYADMIN:PMASA-2016-15", "PHPMYADMIN:PMASA-2016-16", "PHPMYADMIN:PMASA-2016-14"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3627-1:EBE43"]}, {"type": "gentoo", "idList": ["GLSA-201701-32"]}], "modified": "2019-05-29T18:35:22", "rev": 2}, "score": {"value": 6.1, "vector": "NONE", "modified": "2019-05-29T18:35:22", "rev": 2}, "vulnersScore": 6.1}, "pluginID": "1361412562310808343", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for phpMyAdmin FEDORA-2016-55261b6815\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808343\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-08 15:52:28 +0200 (Wed, 08 Jun 2016)\");\n script_cve_id(\"CVE-2016-5097\", \"CVE-2016-5098\", \"CVE-2016-5099\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for phpMyAdmin FEDORA-2016-55261b6815\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'phpMyAdmin'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"phpMyAdmin on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-55261b6815\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D6YVTA2PABIGAWSTWQFNEAZIEFWJ44ES\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"phpMyAdmin\", rpm:\"phpMyAdmin~4.6.2~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}
{"cve": [{"lastseen": "2020-12-09T20:07:39", "description": "phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-07-05T01:59:00", "title": "CVE-2016-5097", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5097"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/o:opensuse:opensuse:13.1", "cpe:/a:phpmyadmin:phpmyadmin:4.6.1"], "id": "CVE-2016-5097", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5097", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:10:46", "description": "Directory traversal vulnerability in libraries/error_report.lib.php in phpMyAdmin before 4.6.2-prerelease allows remote attackers to determine the existence of arbitrary files by triggering an error.\nPer <a href=\"https://www.phpmyadmin.net/security/PMASA-2016-15/\">Vendor Advisory</a>: \"No released version was vulnerable.\"", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2016-07-05T01:59:00", "title": "CVE-2016-5098", "type": "cve", "cwe": ["CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5098"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/o:opensuse:opensuse:13.1", "cpe:/a:phpmyadmin:phpmyadmin:4.6.2"], "id": "CVE-2016-5098", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5098", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.2:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:10:46", "description": "Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2 allows remote attackers to inject arbitrary web script or HTML via special characters that are mishandled during double URL decoding.", "edition": 3, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2016-07-05T01:59:00", "title": "CVE-2016-5099", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5099"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin:4.4.0", "cpe:/a:phpmyadmin:phpmyadmin:4.4.10", "cpe:/a:phpmyadmin:phpmyadmin:4.4.5", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.2", "cpe:/a:phpmyadmin:phpmyadmin:4.4.2", "cpe:/a:phpmyadmin:phpmyadmin:4.4.7", "cpe:/a:phpmyadmin:phpmyadmin:4.4.9", "cpe:/a:phpmyadmin:phpmyadmin:4.4.14.1", "cpe:/o:opensuse:opensuse:13.1", "cpe:/a:phpmyadmin:phpmyadmin:4.6.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.4", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.5", "cpe:/a:phpmyadmin:phpmyadmin:4.6.0", "cpe:/a:phpmyadmin:phpmyadmin:4.4.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15", "cpe:/a:phpmyadmin:phpmyadmin:4.4.13", "cpe:/a:phpmyadmin:phpmyadmin:4.4.1.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.8", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.3", "cpe:/a:phpmyadmin:phpmyadmin:4.4.15.3", "cpe:/a:phpmyadmin:phpmyadmin:4.4.6", "cpe:/a:phpmyadmin:phpmyadmin:4.4.12", "cpe:/a:phpmyadmin:phpmyadmin:4.4.6.1", "cpe:/a:phpmyadmin:phpmyadmin:4.4.4", "cpe:/a:phpmyadmin:phpmyadmin:4.4.11", "cpe:/a:phpmyadmin:phpmyadmin:4.4.13.1"], "id": "CVE-2016-5099", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5099", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.15.5:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:4.4.1.1:*:*:*:*:*:*:*"]}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5097", "CVE-2016-5098", "CVE-2016-5099"], "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, index es, users, permissions), while you still have the ability to directly execute a ny SQL statement. Features include an intuitive web interface, support for most MySQL features (browse and drop databases, tables, views, fields and indexes, create, copy, drop, rename and alter databases, tables, fields and indexes, maintenance server, databases and tables, with proposals on server configuration, execu te, edit and bookmark any SQL-statement, even batch-queries, manage MySQL users and privileges, manage stored procedures and triggers), import data from CSV and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument T ext and Spreadsheet, Word, Excel, LATEX and others, administering multiple serv ers, creating PDF graphics of your database layout, creating complex queries usi ng Query-by-example (QBE), searching globally in a database or a subset of it, transforming stored data into any format using a set of predefined function s, like displaying BLOB-data as image or download-link and much more... ", "modified": "2016-06-01T20:23:50", "published": "2016-06-01T20:23:50", "id": "FEDORA:C745060D01F7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: phpMyAdmin-4.6.2-1.fc23", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5097", "CVE-2016-5098", "CVE-2016-5099"], "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, index es, users, permissions), while you still have the ability to directly execute a ny SQL statement. Features include an intuitive web interface, support for most MySQL features (browse and drop databases, tables, views, fields and indexes, create, copy, drop, rename and alter databases, tables, fields and indexes, maintenance server, databases and tables, with proposals on server configuration, execu te, edit and bookmark any SQL-statement, even batch-queries, manage MySQL users and privileges, manage stored procedures and triggers), import data from CSV and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument T ext and Spreadsheet, Word, Excel, LATEX and others, administering multiple serv ers, creating PDF graphics of your database layout, creating complex queries usi ng Query-by-example (QBE), searching globally in a database or a subset of it, transforming stored data into any format using a set of predefined function s, like displaying BLOB-data as image or download-link and much more... ", "modified": "2016-06-05T02:52:00", "published": "2016-06-05T02:52:00", "id": "FEDORA:3B02C608B7CC", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: phpMyAdmin-4.6.2-1.fc22", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5097", "CVE-2016-5098", "CVE-2016-5099"], "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, index es, users, permissions), while you still have the ability to directly execute a ny SQL statement. Features include an intuitive web interface, support for most MySQL features (browse and drop databases, tables, views, fields and indexes, create, copy, drop, rename and alter databases, tables, fields and indexes, maintenance server, databases and tables, with proposals on server configuration, execu te, edit and bookmark any SQL-statement, even batch-queries, manage MySQL users and privileges, manage stored procedures and triggers), import data from CSV and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument T ext and Spreadsheet, Word, Excel, LATEX and others, administering multiple serv ers, creating PDF graphics of your database layout, creating complex queries usi ng Query-by-example (QBE), searching globally in a database or a subset of it, transforming stored data into any format using a set of predefined function s, like displaying BLOB-data as image or download-link and much more... ", "modified": "2016-06-18T19:57:20", "published": "2016-06-18T19:57:20", "id": "FEDORA:B6C2D60874A5", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: phpMyAdmin-4.6.2-1.fc24", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2019-05-29T18:35:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5098", "CVE-2016-5097", "CVE-2016-5099"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-06-19T00:00:00", "id": "OPENVAS:1361412562310808449", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808449", "type": "openvas", "title": "Fedora Update for phpMyAdmin FEDORA-2016-e3240782ec", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for phpMyAdmin FEDORA-2016-e3240782ec\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808449\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-19 05:26:26 +0200 (Sun, 19 Jun 2016)\");\n script_cve_id(\"CVE-2016-5097\", \"CVE-2016-5098\", \"CVE-2016-5099\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for phpMyAdmin FEDORA-2016-e3240782ec\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'phpMyAdmin'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"phpMyAdmin on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-e3240782ec\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O73M5YG7CBPWRD2L3N5OAY6G6VUWJWV3\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"phpMyAdmin\", rpm:\"phpMyAdmin~4.6.2~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:35:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5098", "CVE-2016-5097", "CVE-2016-5099"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-06-08T00:00:00", "id": "OPENVAS:1361412562310808324", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808324", "type": "openvas", "title": "Fedora Update for phpMyAdmin FEDORA-2016-cd05bd994a", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for phpMyAdmin FEDORA-2016-cd05bd994a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808324\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-08 15:38:28 +0200 (Wed, 08 Jun 2016)\");\n script_cve_id(\"CVE-2016-5097\", \"CVE-2016-5098\", \"CVE-2016-5099\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for phpMyAdmin FEDORA-2016-cd05bd994a\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'phpMyAdmin'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"phpMyAdmin on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-cd05bd994a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMEL2FBUCN66IW6U3FEBHI2AEVB7ZBSE\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"phpMyAdmin\", rpm:\"phpMyAdmin~4.6.2~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-05-12T17:21:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5098", "CVE-2016-5097"], "description": "This host is installed with phpMyAdmin\n and is prone to multiple information disclosure vulnerabilities.", "modified": "2020-05-08T00:00:00", "published": "2016-08-04T00:00:00", "id": "OPENVAS:1361412562310808252", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808252", "type": "openvas", "title": "phpMyAdmin Multiple Information Disclosure Vulnerabilities", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# phpMyAdmin Multiple Information Disclosure Vulnerabilities\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:phpmyadmin:phpmyadmin\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808252\");\n script_version(\"2020-05-08T08:34:44+0000\");\n script_cve_id(\"CVE-2016-5098\", \"CVE-2016-5097\");\n script_bugtraq_id(90878, 90881);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-05-08 08:34:44 +0000 (Fri, 08 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-08-04 13:01:28 +0530 (Thu, 04 Aug 2016)\");\n script_name(\"phpMyAdmin Multiple Information Disclosure Vulnerabilities\");\n script_category(ACT_ATTACK);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_phpmyadmin_detect_900129.nasl\");\n script_mandatory_keys(\"phpMyAdmin/installed\");\n script_require_ports(\"Services/www\", 80);\n\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net/security/PMASA-2016-15\");\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net/security/PMASA-2016-14\");\n script_xref(name:\"URL\", value:\"https://github.com/phpmyadmin/phpmyadmin/commit/d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8\");\n\n script_tag(name:\"summary\", value:\"This host is installed with phpMyAdmin\n and is prone to multiple information disclosure vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Send a crafted request via HTTP GET and\n check whether it is able to obtain sensitive information or not.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws are due to,\n\n - A directory traversal vulnerability in 'libraries/error_report.lib.php'\n script.\n\n - The tokens are placed in query strings and does not arrange for them to be\n stripped before external navigation.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to determine the existence of arbitrary files by triggering an error\n and also to obtain sensitive information by reading (1) HTTP requests or (2)\n server logs.\");\n\n script_tag(name:\"affected\", value:\"phpMyAdmin versions before 4.6.2\");\n\n script_tag(name:\"solution\", value:\"Upgrade to phpMyAdmin version 4.6.2 or\n later.\");\n\n script_tag(name:\"qod_type\", value:\"remote_active\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\n\nif(!http_port = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!dir = get_app_location(cpe:CPE, port:http_port)){\n exit(0);\n}\n\nurl = dir + '/libraries/error_report.lib.php';\n\nif(http_vuln_check(port:http_port, url:url, check_header:TRUE,\n pattern:\"Fatal error.*libraries/Util.class.php' \\(include_path=.*/libraries/error_report.lib.php\"))\n{\n report = http_report_vuln_url(port:http_port, url:url);\n security_message(port:http_port, data:report);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:34:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5099"], "description": "This host is installed with phpMyAdmin\n and is prone to cross site scripting vulnerability.", "modified": "2018-10-24T00:00:00", "published": "2016-08-04T00:00:00", "id": "OPENVAS:1361412562310808254", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808254", "type": "openvas", "title": "phpMyAdmin Double URL Decoding Cross Site Scripting Vulnerability (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_phpmyadmin_xss_vuln01_aug16_lin.nasl 12051 2018-10-24 09:14:54Z asteins $\n#\n# phpMyAdmin Double URL Decoding Cross Site Scripting Vulnerability (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:phpmyadmin:phpmyadmin\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808254\");\n script_version(\"$Revision: 12051 $\");\n script_cve_id(\"CVE-2016-5099\");\n script_bugtraq_id(90877);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-24 11:14:54 +0200 (Wed, 24 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-04 13:01:28 +0530 (Thu, 04 Aug 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"phpMyAdmin Double URL Decoding Cross Site Scripting Vulnerability (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with phpMyAdmin\n and is prone to cross site scripting vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to an insufficient validation\n of user supplied inputs that are mishandled during double URL decoding.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to inject arbitrary web script or HTML via special characters.\");\n\n script_tag(name:\"affected\", value:\"phpMyAdmin versions 4.4.x before 4.4.15.6\n and 4.6.x before 4.6.2 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to phpMyAdmin version 4.4.15.6 or\n 4.6.2 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net/security/PMASA-2016-16\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_phpmyadmin_detect_900129.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"phpMyAdmin/installed\", \"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!phpPort = get_app_port(cpe:CPE)) exit(0);\n\nif(!phpVer = get_app_version(cpe:CPE, port:phpPort)) exit(0);\n\nif(phpVer =~ \"^(4\\.4)\")\n{\n if(version_is_less(version:phpVer, test_version:\"4.4.15.6\"))\n {\n fix = \"4.4.15.6\";\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^(4\\.6)\")\n{\n if(version_is_less(version:phpVer, test_version:\"4.6.2\"))\n {\n fix = \"4.6.2\";\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(port:phpPort, data:report);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5099"], "description": "This host is installed with phpMyAdmin\n and is prone to cross site scripting vulnerability.", "modified": "2018-10-10T00:00:00", "published": "2016-08-04T00:00:00", "id": "OPENVAS:1361412562310808253", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808253", "type": "openvas", "title": "phpMyAdmin Double URL Decoding Cross Site Scripting Vulnerability (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_phpmyadmin_xss_vuln01_aug16_win.nasl 11811 2018-10-10 09:55:00Z asteins $\n#\n# phpMyAdmin Double URL Decoding Cross Site Scripting Vulnerability (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:phpmyadmin:phpmyadmin\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808253\");\n script_version(\"$Revision: 11811 $\");\n script_cve_id(\"CVE-2016-5099\");\n script_bugtraq_id(90877);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-10 11:55:00 +0200 (Wed, 10 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-04 13:01:28 +0530 (Thu, 04 Aug 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"phpMyAdmin Double URL Decoding Cross Site Scripting Vulnerability (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with phpMyAdmin\n and is prone to cross site scripting vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to an insufficient validation\n of user supplied inputs that are mishandled during double URL decoding.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to inject arbitrary web script or HTML via special characters.\");\n\n script_tag(name:\"affected\", value:\"phpMyAdmin versions 4.4.x before 4.4.15.6\n and 4.6.x before 4.6.2 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to phpMyAdmin version 4.4.15.6 or\n 4.6.2 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net/security/PMASA-2016-16\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_phpmyadmin_detect_900129.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"phpMyAdmin/installed\", \"Host/runs_windows\");\n script_require_ports(\"Services/www\", 80);\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!phpPort = get_app_port(cpe:CPE)) exit(0);\n\nif(!phpVer = get_app_version(cpe:CPE, port:phpPort)) exit(0);\n\nif(phpVer =~ \"^(4\\.4)\")\n{\n if(version_is_less(version:phpVer, test_version:\"4.4.15.6\"))\n {\n fix = \"4.4.15.6\";\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^(4\\.6)\")\n{\n if(version_is_less(version:phpVer, test_version:\"4.6.2\"))\n {\n fix = \"4.6.2\";\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(port:phpPort, data:report);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2040", "CVE-2016-5701", "CVE-2016-5731", "CVE-2016-2561", "CVE-2016-5705", "CVE-2016-1927", "CVE-2016-5099", "CVE-2016-2560", "CVE-2016-2039", "CVE-2016-5733", "CVE-2016-2041", "CVE-2016-5739", "CVE-2016-5706"], "description": "Several vulnerabilities have been fixed in\nphpMyAdmin, the web-based MySQL administration interface.\n\nCVE-2016-1927\nThe suggestPassword function relied on a non-secure random number\ngenerator which makes it easier for remote attackers to guess\ngenerated passwords via a brute-force approach.\n\nCVE-2016-2039\nCSRF token values were generated by a non-secure random number\ngenerator, which allows remote attackers to bypass intended access\nrestrictions by predicting a value.\n\nCVE-2016-2040\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nauthenticated users to inject arbitrary web script or HTML.\n\nCVE-2016-2041\nphpMyAdmin does not use a constant-time algorithm for comparing\nCSRF tokens, which makes it easier for remote attackers to bypass\nintended access restrictions by measuring time differences.\n\nCVE-2016-2560\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-2561\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5099\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5701\nFor installations running on plain HTTP, phpMyAdmin allows remote\nattackers to conduct BBCode injection attacks against HTTP sessions\nvia a crafted URI.\n\nCVE-2016-5705\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5706\nphpMyAdmin allows remote attackers to cause a denial of service\n(resource consumption) via a large array in the scripts parameter.\n\nCVE-2016-5731\nA cross-site scripting (XSS) vulnerability allows remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5733\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5739\nA specially crafted Transformation could leak information which\na remote attacker could use to perform cross site request forgeries.", "modified": "2019-03-18T00:00:00", "published": "2016-08-02T00:00:00", "id": "OPENVAS:1361412562310703627", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703627", "type": "openvas", "title": "Debian Security Advisory DSA 3627-1 (phpmyadmin - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3627.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3627-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703627\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-1927\", \"CVE-2016-2039\", \"CVE-2016-2040\", \"CVE-2016-2041\",\n \"CVE-2016-2560\", \"CVE-2016-2561\", \"CVE-2016-5099\", \"CVE-2016-5701\",\n \"CVE-2016-5705\", \"CVE-2016-5706\", \"CVE-2016-5731\", \"CVE-2016-5733\",\n \"CVE-2016-5739\");\n script_name(\"Debian Security Advisory DSA 3627-1 (phpmyadmin - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-02 10:58:14 +0530 (Tue, 02 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3627.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"phpmyadmin on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthese problems have been fixed in version 4:4.2.12-2+deb8u2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4:4.6.3-1.\n\nWe recommend that you upgrade your phpmyadmin packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been fixed in\nphpMyAdmin, the web-based MySQL administration interface.\n\nCVE-2016-1927\nThe suggestPassword function relied on a non-secure random number\ngenerator which makes it easier for remote attackers to guess\ngenerated passwords via a brute-force approach.\n\nCVE-2016-2039\nCSRF token values were generated by a non-secure random number\ngenerator, which allows remote attackers to bypass intended access\nrestrictions by predicting a value.\n\nCVE-2016-2040\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nauthenticated users to inject arbitrary web script or HTML.\n\nCVE-2016-2041\nphpMyAdmin does not use a constant-time algorithm for comparing\nCSRF tokens, which makes it easier for remote attackers to bypass\nintended access restrictions by measuring time differences.\n\nCVE-2016-2560\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-2561\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5099\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5701\nFor installations running on plain HTTP, phpMyAdmin allows remote\nattackers to conduct BBCode injection attacks against HTTP sessions\nvia a crafted URI.\n\nCVE-2016-5705\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5706\nphpMyAdmin allows remote attackers to cause a denial of service\n(resource consumption) via a large array in the scripts parameter.\n\nCVE-2016-5731\nA cross-site scripting (XSS) vulnerability allows remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5733\nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5739\nA specially crafted Transformation could leak information which\na remote attacker could use to perform cross site request forgeries.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"phpmyadmin\", ver:\"4:4.2.12-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-24T12:55:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2040", "CVE-2016-5701", "CVE-2016-5731", "CVE-2016-2561", "CVE-2016-5705", "CVE-2016-1927", "CVE-2016-5099", "CVE-2016-2560", "CVE-2016-2039", "CVE-2016-5733", "CVE-2016-2041", "CVE-2016-5739", "CVE-2016-5706"], "description": "Several vulnerabilities have been fixed in\nphpMyAdmin, the web-based MySQL administration interface.\n\nCVE-2016-1927 \nThe suggestPassword function relied on a non-secure random number\ngenerator which makes it easier for remote attackers to guess\ngenerated passwords via a brute-force approach.\n\nCVE-2016-2039 \nCSRF token values were generated by a non-secure random number\ngenerator, which allows remote attackers to bypass intended access\nrestrictions by predicting a value.\n\nCVE-2016-2040 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nauthenticated users to inject arbitrary web script or HTML.\n\nCVE-2016-2041 \nphpMyAdmin does not use a constant-time algorithm for comparing\nCSRF tokens, which makes it easier for remote attackers to bypass\nintended access restrictions by measuring time differences.\n\nCVE-2016-2560 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-2561 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5099 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5701 \nFor installations running on plain HTTP, phpMyAdmin allows remote\nattackers to conduct BBCode injection attacks against HTTP sessions\nvia a crafted URI.\n\nCVE-2016-5705 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5706 \nphpMyAdmin allows remote attackers to cause a denial of service\n(resource consumption) via a large array in the scripts parameter.\n\nCVE-2016-5731 \nA cross-site scripting (XSS) vulnerability allows remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5733 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5739 \nA specially crafted Transformation could leak information which\na remote attacker could use to perform cross site request forgeries.", "modified": "2017-07-07T00:00:00", "published": "2016-08-02T00:00:00", "id": "OPENVAS:703627", "href": "http://plugins.openvas.org/nasl.php?oid=703627", "type": "openvas", "title": "Debian Security Advisory DSA 3627-1 (phpmyadmin - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3627.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3627-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703627);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-1927\", \"CVE-2016-2039\", \"CVE-2016-2040\", \"CVE-2016-2041\",\n \"CVE-2016-2560\", \"CVE-2016-2561\", \"CVE-2016-5099\", \"CVE-2016-5701\",\n \"CVE-2016-5705\", \"CVE-2016-5706\", \"CVE-2016-5731\", \"CVE-2016-5733\",\n \"CVE-2016-5739\");\n script_name(\"Debian Security Advisory DSA 3627-1 (phpmyadmin - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-02 10:58:14 +0530 (Tue, 02 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3627.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"phpmyadmin on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package allows administering of MySQL\nor MariaDB with a web interface.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthese problems have been fixed in version 4:4.2.12-2+deb8u2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4:4.6.3-1.\n\nWe recommend that you upgrade your phpmyadmin packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been fixed in\nphpMyAdmin, the web-based MySQL administration interface.\n\nCVE-2016-1927 \nThe suggestPassword function relied on a non-secure random number\ngenerator which makes it easier for remote attackers to guess\ngenerated passwords via a brute-force approach.\n\nCVE-2016-2039 \nCSRF token values were generated by a non-secure random number\ngenerator, which allows remote attackers to bypass intended access\nrestrictions by predicting a value.\n\nCVE-2016-2040 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nauthenticated users to inject arbitrary web script or HTML.\n\nCVE-2016-2041 \nphpMyAdmin does not use a constant-time algorithm for comparing\nCSRF tokens, which makes it easier for remote attackers to bypass\nintended access restrictions by measuring time differences.\n\nCVE-2016-2560 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-2561 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5099 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5701 \nFor installations running on plain HTTP, phpMyAdmin allows remote\nattackers to conduct BBCode injection attacks against HTTP sessions\nvia a crafted URI.\n\nCVE-2016-5705 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5706 \nphpMyAdmin allows remote attackers to cause a denial of service\n(resource consumption) via a large array in the scripts parameter.\n\nCVE-2016-5731 \nA cross-site scripting (XSS) vulnerability allows remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5733 \nMultiple cross-site scripting (XSS) vulnerabilities allow remote\nattackers to inject arbitrary web script or HTML.\n\nCVE-2016-5739 \nA specially crafted Transformation could leak information which\na remote attacker could use to perform cross site request forgeries.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"phpmyadmin\", ver:\"4:4.2.12-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "nessus": [{"lastseen": "2020-06-05T11:13:00", "description": "This phpMyAdmin update to version 4.4.15.6 fixes the following \nissues :\n\nSecurity issues fixed :\n\n - PMASA-2016-16 (CVE-2016-5099, CWE-661): Self XSS, see\n https://www.phpmyadmin.net/security/PMASA-2016-16/\n\n - PMASA-2016-15 (CVE-2016-5098, CWE-661): File Traversal\n Protection Bypass on Error Reporting, see\n https://www.phpmyadmin.net/security/PMASA-2016-15/\n\n - PMASA-2016-14 (CVE-2016-5097, CWE-661): Sensitive Data\n in URL GET Query Parameters, see\n https://www.phpmyadmin.net/security/PMASA-2016-14/", "edition": 17, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2016-06-14T00:00:00", "title": "openSUSE Security Update : phpMyAdmin (openSUSE-2016-712)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5098", "CVE-2016-5097", "CVE-2016-5099"], "modified": "2016-06-14T00:00:00", "cpe": ["cpe:/o:novell:opensuse:13.1", "p-cpe:/a:novell:opensuse:phpMyAdmin"], "id": "OPENSUSE-2016-712.NASL", "href": "https://www.tenable.com/plugins/nessus/91587", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-712.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91587);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2016-5097\", \"CVE-2016-5098\", \"CVE-2016-5099\");\n\n script_name(english:\"openSUSE Security Update : phpMyAdmin (openSUSE-2016-712)\");\n script_summary(english:\"Check for the openSUSE-2016-712 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This phpMyAdmin update to version 4.4.15.6 fixes the following \nissues :\n\nSecurity issues fixed :\n\n - PMASA-2016-16 (CVE-2016-5099, CWE-661): Self XSS, see\n https://www.phpmyadmin.net/security/PMASA-2016-16/\n\n - PMASA-2016-15 (CVE-2016-5098, CWE-661): File Traversal\n Protection Bypass on Error Reporting, see\n https://www.phpmyadmin.net/security/PMASA-2016-15/\n\n - PMASA-2016-14 (CVE-2016-5097, CWE-661): Sensitive Data\n in URL GET Query Parameters, see\n https://www.phpmyadmin.net/security/PMASA-2016-14/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=982128\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2016-14/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2016-15/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2016-16/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"phpMyAdmin-4.4.15.6-57.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-06T10:46:42", "description": "The phpmyadmin development team reports : Description Because user SQL\nqueries are part of the URL, sensitive information made as part of a\nuser query can be exposed by clicking on external links to attackers\nmonitoring user GET query parameters or included in the webserver\nlogs. Severity We consider this to be non-critical. Description A\nspecially crafted attack could allow for special HTML characters to be\npassed as URL encoded values and displayed back as special characters\nin the page. Severity We consider this to be non-critical.", "edition": 25, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2016-05-26T00:00:00", "title": "FreeBSD : phpmyadmin -- XSS and sensitive data leakage (00ec1be1-22bb-11e6-9ead-6805ca0b3d42)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5097", "CVE-2016-5099"], "modified": "2016-05-26T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:phpmyadmin"], "id": "FREEBSD_PKG_00EC1BE122BB11E69EAD6805CA0B3D42.NASL", "href": "https://www.tenable.com/plugins/nessus/91332", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91332);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-5097\", \"CVE-2016-5099\");\n\n script_name(english:\"FreeBSD : phpmyadmin -- XSS and sensitive data leakage (00ec1be1-22bb-11e6-9ead-6805ca0b3d42)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The phpmyadmin development team reports : Description Because user SQL\nqueries are part of the URL, sensitive information made as part of a\nuser query can be exposed by clicking on external links to attackers\nmonitoring user GET query parameters or included in the webserver\nlogs. Severity We consider this to be non-critical. Description A\nspecially crafted attack could allow for special HTML characters to be\npassed as URL encoded values and displayed back as special characters\nin the page. Severity We consider this to be non-critical.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2016-14/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2016-16/\"\n );\n # https://vuxml.freebsd.org/freebsd/00ec1be1-22bb-11e6-9ead-6805ca0b3d42.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b3dee82d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:phpmyadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/05/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"phpmyadmin>=4.6.0<4.6.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:14:49", "description": "phpMyAdmin 4.6.2 (2016-05-25) =============================\n\n - [security] User SQL queries can be revealed through URL\n GET parameters, see PMASA-2016-14\n\n - [security] Self XSS vulneratbility, see PMASA-2016-16\n\n - Use https for documentation links\n\n - Fix schema export with too many tables\n\n - Avoid parsing non JSON responses as JSON\n\n - Avoid using too log URLs when getting javascripts\n\n - Fixed setting mixed case languages\n\n - Avoid storing objects in session when debugging SQL\n\n - Fix cookie path on IIS\n\n - Fix occassional 200 errors on Windows\n\n - Fix locking issues when importing SQL\n\n - Avoid confusing warning when mysql extension is missing\n\n - Improve handling of logout\n\n - Safer handling of sessions during authentication\n\n - Fix server selection on main page\n\n - Avoid storing full error data in session\n\n - Fixed export of ARCHIVE tables with keys\n\n - Add session reload for config authentication\n\n - Do not fail on errors stored in session\n\n - Fix loading of APC based upload progress bar\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 18, "cvss3": {"score": 5.3, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-07-14T00:00:00", "title": "Fedora 22 : phpMyAdmin (2016-cd05bd994a)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5097"], "modified": "2016-07-14T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:22", "p-cpe:/a:fedoraproject:fedora:phpMyAdmin"], "id": "FEDORA_2016-CD05BD994A.NASL", "href": "https://www.tenable.com/plugins/nessus/92163", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-cd05bd994a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92163);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5097\");\n script_xref(name:\"FEDORA\", value:\"2016-cd05bd994a\");\n\n script_name(english:\"Fedora 22 : phpMyAdmin (2016-cd05bd994a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"phpMyAdmin 4.6.2 (2016-05-25) =============================\n\n - [security] User SQL queries can be revealed through URL\n GET parameters, see PMASA-2016-14\n\n - [security] Self XSS vulneratbility, see PMASA-2016-16\n\n - Use https for documentation links\n\n - Fix schema export with too many tables\n\n - Avoid parsing non JSON responses as JSON\n\n - Avoid using too log URLs when getting javascripts\n\n - Fixed setting mixed case languages\n\n - Avoid storing objects in session when debugging SQL\n\n - Fix cookie path on IIS\n\n - Fix occassional 200 errors on Windows\n\n - Fix locking issues when importing SQL\n\n - Avoid confusing warning when mysql extension is missing\n\n - Improve handling of logout\n\n - Safer handling of sessions during authentication\n\n - Fix server selection on main page\n\n - Avoid storing full error data in session\n\n - Fixed export of ARCHIVE tables with keys\n\n - Add session reload for config authentication\n\n - Do not fail on errors stored in session\n\n - Fix loading of APC based upload progress bar\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-cd05bd994a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"phpMyAdmin-4.6.2-1.fc22\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:14:55", "description": "phpMyAdmin 4.6.2 (2016-05-25) =============================\n\n - [security] User SQL queries can be revealed through URL\n GET parameters, see PMASA-2016-14\n\n - [security] Self XSS vulneratbility, see PMASA-2016-16\n\n - Use https for documentation links\n\n - Fix schema export with too many tables\n\n - Avoid parsing non JSON responses as JSON\n\n - Avoid using too log URLs when getting javascripts\n\n - Fixed setting mixed case languages\n\n - Avoid storing objects in session when debugging SQL\n\n - Fix cookie path on IIS\n\n - Fix occassional 200 errors on Windows\n\n - Fix locking issues when importing SQL\n\n - Avoid confusing warning when mysql extension is missing\n\n - Improve handling of logout\n\n - Safer handling of sessions during authentication\n\n - Fix server selection on main page\n\n - Avoid storing full error data in session\n\n - Fixed export of ARCHIVE tables with keys\n\n - Add session reload for config authentication\n\n - Do not fail on errors stored in session\n\n - Fix loading of APC based upload progress bar\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 18, "cvss3": {"score": 5.3, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-07-14T00:00:00", "title": "Fedora 24 : phpMyAdmin (2016-e3240782ec)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5097"], "modified": "2016-07-14T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:24", "p-cpe:/a:fedoraproject:fedora:phpMyAdmin"], "id": "FEDORA_2016-E3240782EC.NASL", "href": "https://www.tenable.com/plugins/nessus/92189", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-e3240782ec.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92189);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5097\");\n script_xref(name:\"FEDORA\", value:\"2016-e3240782ec\");\n\n script_name(english:\"Fedora 24 : phpMyAdmin (2016-e3240782ec)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"phpMyAdmin 4.6.2 (2016-05-25) =============================\n\n - [security] User SQL queries can be revealed through URL\n GET parameters, see PMASA-2016-14\n\n - [security] Self XSS vulneratbility, see PMASA-2016-16\n\n - Use https for documentation links\n\n - Fix schema export with too many tables\n\n - Avoid parsing non JSON responses as JSON\n\n - Avoid using too log URLs when getting javascripts\n\n - Fixed setting mixed case languages\n\n - Avoid storing objects in session when debugging SQL\n\n - Fix cookie path on IIS\n\n - Fix occassional 200 errors on Windows\n\n - Fix locking issues when importing SQL\n\n - Avoid confusing warning when mysql extension is missing\n\n - Improve handling of logout\n\n - Safer handling of sessions during authentication\n\n - Fix server selection on main page\n\n - Avoid storing full error data in session\n\n - Fixed export of ARCHIVE tables with keys\n\n - Add session reload for config authentication\n\n - Do not fail on errors stored in session\n\n - Fix loading of APC based upload progress bar\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-e3240782ec\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"phpMyAdmin-4.6.2-1.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:14:15", "description": "phpMyAdmin 4.6.2 (2016-05-25) =============================\n\n - [security] User SQL queries can be revealed through URL\n GET parameters, see PMASA-2016-14\n\n - [security] Self XSS vulneratbility, see PMASA-2016-16\n\n - Use https for documentation links\n\n - Fix schema export with too many tables\n\n - Avoid parsing non JSON responses as JSON\n\n - Avoid using too log URLs when getting javascripts\n\n - Fixed setting mixed case languages\n\n - Avoid storing objects in session when debugging SQL\n\n - Fix cookie path on IIS\n\n - Fix occassional 200 errors on Windows\n\n - Fix locking issues when importing SQL\n\n - Avoid confusing warning when mysql extension is missing\n\n - Improve handling of logout\n\n - Safer handling of sessions during authentication\n\n - Fix server selection on main page\n\n - Avoid storing full error data in session\n\n - Fixed export of ARCHIVE tables with keys\n\n - Add session reload for config authentication\n\n - Do not fail on errors stored in session\n\n - Fix loading of APC based upload progress bar\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 18, "cvss3": {"score": 5.3, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2016-07-14T00:00:00", "title": "Fedora 23 : phpMyAdmin (2016-55261b6815)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5097"], "modified": "2016-07-14T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:23", "p-cpe:/a:fedoraproject:fedora:phpMyAdmin"], "id": "FEDORA_2016-55261B6815.NASL", "href": "https://www.tenable.com/plugins/nessus/92097", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-55261b6815.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92097);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5097\");\n script_xref(name:\"FEDORA\", value:\"2016-55261b6815\");\n\n script_name(english:\"Fedora 23 : phpMyAdmin (2016-55261b6815)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"phpMyAdmin 4.6.2 (2016-05-25) =============================\n\n - [security] User SQL queries can be revealed through URL\n GET parameters, see PMASA-2016-14\n\n - [security] Self XSS vulneratbility, see PMASA-2016-16\n\n - Use https for documentation links\n\n - Fix schema export with too many tables\n\n - Avoid parsing non JSON responses as JSON\n\n - Avoid using too log URLs when getting javascripts\n\n - Fixed setting mixed case languages\n\n - Avoid storing objects in session when debugging SQL\n\n - Fix cookie path on IIS\n\n - Fix occassional 200 errors on Windows\n\n - Fix locking issues when importing SQL\n\n - Avoid confusing warning when mysql extension is missing\n\n - Improve handling of logout\n\n - Safer handling of sessions during authentication\n\n - Fix server selection on main page\n\n - Avoid storing full error data in session\n\n - Fixed export of ARCHIVE tables with keys\n\n - Add session reload for config authentication\n\n - Do not fail on errors stored in session\n\n - Fix loading of APC based upload progress bar\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-55261b6815\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"phpMyAdmin-4.6.2-1.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-06-05T11:13:00", "description": "phpMyAdmin was updated to fix one security issue.\n\nThe following vulnerability was fixed :\n\n - CVE-2016-5099: Self XSS vulneratbility - A specially\n crafted attack could allow for special HTML characters\n to be passed as URL encoded values and displayed back as\n special characters in the page (boo#982128,\n PMASA-2016-16)", "edition": 17, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2016-06-01T00:00:00", "title": "openSUSE Security Update : phpMyAdmin (openSUSE-2016-655)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5099"], "modified": "2016-06-01T00:00:00", "cpe": ["cpe:/o:novell:opensuse:42.1", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:phpMyAdmin"], "id": "OPENSUSE-2016-655.NASL", "href": "https://www.tenable.com/plugins/nessus/91405", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-655.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91405);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2016-5099\");\n\n script_name(english:\"openSUSE Security Update : phpMyAdmin (openSUSE-2016-655)\");\n script_summary(english:\"Check for the openSUSE-2016-655 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"phpMyAdmin was updated to fix one security issue.\n\nThe following vulnerability was fixed :\n\n - CVE-2016-5099: Self XSS vulneratbility - A specially\n crafted attack could allow for special HTML characters\n to be passed as URL encoded values and displayed back as\n special characters in the page (boo#982128,\n PMASA-2016-16)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=982128\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"phpMyAdmin-4.4.15.6-33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"phpMyAdmin-4.4.15.6-19.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T09:49:43", "description": "Several vulnerabilities have been fixed in phpMyAdmin, the web-based\nMySQL administration interface.\n\n - CVE-2016-1927\n The suggestPassword function relied on a non-secure\n random number generator which makes it easier for remote\n attackers to guess generated passwords via a brute-force\n approach.\n\n - CVE-2016-2039\n CSRF token values were generated by a non-secure random\n number generator, which allows remote attackers to\n bypass intended access restrictions by predicting a\n value.\n\n - CVE-2016-2040\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote authenticated users to inject arbitrary web\n script or HTML.\n\n - CVE-2016-2041\n phpMyAdmin does not use a constant-time algorithm for\n comparing CSRF tokens, which makes it easier for remote\n attackers to bypass intended access restrictions by\n measuring time differences.\n\n - CVE-2016-2560\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-2561\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5099\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5701\n For installations running on plain HTTP, phpMyAdmin\n allows remote attackers to conduct BBCode injection\n attacks against HTTP sessions via a crafted URI.\n\n - CVE-2016-5705\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5706\n phpMyAdmin allows remote attackers to cause a denial of\n service (resource consumption) via a large array in the\n scripts parameter.\n\n - CVE-2016-5731\n A cross-site scripting (XSS) vulnerability allows remote\n attackers to inject arbitrary web script or HTML.\n\n - CVE-2016-5733\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5739\n A specially crafted Transformation could leak\n information which a remote attacker could use to perform\n cross site request forgeries.", "edition": 24, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2016-07-25T00:00:00", "title": "Debian DSA-3627-1 : phpmyadmin - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-2040", "CVE-2016-5701", "CVE-2016-5731", "CVE-2016-2561", "CVE-2016-5705", "CVE-2016-1927", "CVE-2016-5099", "CVE-2016-2560", "CVE-2016-2039", "CVE-2016-5733", "CVE-2016-2041", "CVE-2016-5739", "CVE-2016-5706"], "modified": "2016-07-25T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:phpmyadmin"], "id": "DEBIAN_DSA-3627.NASL", "href": "https://www.tenable.com/plugins/nessus/92527", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3627. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92527);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-1927\", \"CVE-2016-2039\", \"CVE-2016-2040\", \"CVE-2016-2041\", \"CVE-2016-2560\", \"CVE-2016-2561\", \"CVE-2016-5099\", \"CVE-2016-5701\", \"CVE-2016-5705\", \"CVE-2016-5706\", \"CVE-2016-5731\", \"CVE-2016-5733\", \"CVE-2016-5739\");\n script_xref(name:\"DSA\", value:\"3627\");\n\n script_name(english:\"Debian DSA-3627-1 : phpmyadmin - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been fixed in phpMyAdmin, the web-based\nMySQL administration interface.\n\n - CVE-2016-1927\n The suggestPassword function relied on a non-secure\n random number generator which makes it easier for remote\n attackers to guess generated passwords via a brute-force\n approach.\n\n - CVE-2016-2039\n CSRF token values were generated by a non-secure random\n number generator, which allows remote attackers to\n bypass intended access restrictions by predicting a\n value.\n\n - CVE-2016-2040\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote authenticated users to inject arbitrary web\n script or HTML.\n\n - CVE-2016-2041\n phpMyAdmin does not use a constant-time algorithm for\n comparing CSRF tokens, which makes it easier for remote\n attackers to bypass intended access restrictions by\n measuring time differences.\n\n - CVE-2016-2560\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-2561\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5099\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5701\n For installations running on plain HTTP, phpMyAdmin\n allows remote attackers to conduct BBCode injection\n attacks against HTTP sessions via a crafted URI.\n\n - CVE-2016-5705\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5706\n phpMyAdmin allows remote attackers to cause a denial of\n service (resource consumption) via a large array in the\n scripts parameter.\n\n - CVE-2016-5731\n A cross-site scripting (XSS) vulnerability allows remote\n attackers to inject arbitrary web script or HTML.\n\n - CVE-2016-5733\n Multiple cross-site scripting (XSS) vulnerabilities\n allow remote attackers to inject arbitrary web script or\n HTML.\n\n - CVE-2016-5739\n A specially crafted Transformation could leak\n information which a remote attacker could use to perform\n cross site request forgeries.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-1927\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2039\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2041\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2560\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5099\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5705\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/phpmyadmin\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3627\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the phpmyadmin packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 4:4.2.12-2+deb8u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:phpmyadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"phpmyadmin\", reference:\"4:4.2.12-2+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T11:05:37", "description": "The remote host is affected by the vulnerability described in GLSA-201701-32\n(phpMyAdmin: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in phpMyAdmin. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n A authenticated remote attacker could exploit these vulnerabilities to\n execute arbitrary PHP Code, inject SQL code, or to conduct Cross-Site\n Scripting attacks.\n In certain configurations, an unauthenticated remote attacker could\n cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-12T00:00:00", "title": "GLSA-201701-32 : phpMyAdmin: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5098", "CVE-2016-9854", "CVE-2016-6625", "CVE-2016-6615", "CVE-2016-9853", "CVE-2016-5704", "CVE-2016-6614", "CVE-2016-6612", "CVE-2016-9851", "CVE-2016-6617", "CVE-2016-5702", "CVE-2016-6633", "CVE-2016-9848", "CVE-2016-6611", "CVE-2016-6630", "CVE-2016-9863", "CVE-2016-6632", "CVE-2016-5701", "CVE-2016-4412", "CVE-2016-6616", "CVE-2016-9860", "CVE-2016-5730", "CVE-2016-6609", "CVE-2016-9865", "CVE-2016-9852", "CVE-2016-9856", "CVE-2016-9847", "CVE-2016-9858", "CVE-2016-6608", "CVE-2016-5731", "CVE-2016-6622", "CVE-2016-9850", "CVE-2016-6607", "CVE-2016-5097", "CVE-2016-6613", "CVE-2016-5734", "CVE-2016-6606", "CVE-2016-9864", "CVE-2016-5705", "CVE-2016-9859", "CVE-2016-5099", "CVE-2016-5732", "CVE-2016-6626", "CVE-2016-9857", "CVE-2016-5703", "CVE-2016-9855", "CVE-2016-9861", "CVE-2016-6610", "CVE-2016-6619", "CVE-2016-6629", "CVE-2016-6627", "CVE-2016-9849", "CVE-2016-5733", "CVE-2016-6620", "CVE-2016-6623", "CVE-2016-9862", "CVE-2016-5739", "CVE-2016-5706", "CVE-2016-6628", "CVE-2016-6624", "CVE-2016-6631", "CVE-2016-6618", "CVE-2016-9866"], "modified": "2017-01-12T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:phpmyadmin"], "id": "GENTOO_GLSA-201701-32.NASL", "href": "https://www.tenable.com/plugins/nessus/96426", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201701-32.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96426);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-4412\", \"CVE-2016-5097\", \"CVE-2016-5098\", \"CVE-2016-5099\", \"CVE-2016-5701\", \"CVE-2016-5702\", \"CVE-2016-5703\", \"CVE-2016-5704\", \"CVE-2016-5705\", \"CVE-2016-5706\", \"CVE-2016-5730\", \"CVE-2016-5731\", \"CVE-2016-5732\", \"CVE-2016-5733\", \"CVE-2016-5734\", \"CVE-2016-5739\", \"CVE-2016-6606\", \"CVE-2016-6607\", \"CVE-2016-6608\", \"CVE-2016-6609\", \"CVE-2016-6610\", \"CVE-2016-6611\", \"CVE-2016-6612\", \"CVE-2016-6613\", \"CVE-2016-6614\", \"CVE-2016-6615\", \"CVE-2016-6616\", \"CVE-2016-6617\", \"CVE-2016-6618\", \"CVE-2016-6619\", \"CVE-2016-6620\", \"CVE-2016-6622\", \"CVE-2016-6623\", \"CVE-2016-6624\", \"CVE-2016-6625\", \"CVE-2016-6626\", \"CVE-2016-6627\", \"CVE-2016-6628\", \"CVE-2016-6629\", \"CVE-2016-6630\", \"CVE-2016-6631\", \"CVE-2016-6632\", \"CVE-2016-6633\", \"CVE-2016-9847\", \"CVE-2016-9848\", \"CVE-2016-9849\", \"CVE-2016-9850\", \"CVE-2016-9851\", \"CVE-2016-9852\", \"CVE-2016-9853\", \"CVE-2016-9854\", \"CVE-2016-9855\", \"CVE-2016-9856\", \"CVE-2016-9857\", \"CVE-2016-9858\", \"CVE-2016-9859\", \"CVE-2016-9860\", \"CVE-2016-9861\", \"CVE-2016-9862\", \"CVE-2016-9863\", \"CVE-2016-9864\", \"CVE-2016-9865\", \"CVE-2016-9866\");\n script_xref(name:\"GLSA\", value:\"201701-32\");\n\n script_name(english:\"GLSA-201701-32 : phpMyAdmin: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201701-32\n(phpMyAdmin: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in phpMyAdmin. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n A authenticated remote attacker could exploit these vulnerabilities to\n execute arbitrary PHP Code, inject SQL code, or to conduct Cross-Site\n Scripting attacks.\n In certain configurations, an unauthenticated remote attacker could\n cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201701-32\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All phpMyAdmin users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/phpmyadmin-4.6.5.1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'phpMyAdmin Authenticated Remote Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:phpmyadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-db/phpmyadmin\", unaffected:make_list(\"ge 4.6.5.1\"), vulnerable:make_list(\"lt 4.6.5.1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:42", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5097", "CVE-2016-5099"], "description": "\nThe phpmyadmin development team reports:\n\nDescription\nBecause user SQL queries are part of the URL, sensitive\n\t information made as part of a user query can be exposed by\n\t clicking on external links to attackers monitoring user GET\n\t query parameters or included in the webserver logs.\nSeverity\nWe consider this to be non-critical.\n\n\nDescription\nA specially crafted attack could allow for special HTML\n\t characters to be passed as URL encoded values and displayed\n\t back as special characters in the page.\nSeverity\nWe consider this to be non-critical.\n\n", "edition": 4, "modified": "2016-05-26T00:00:00", "published": "2016-05-25T00:00:00", "id": "00EC1BE1-22BB-11E6-9EAD-6805CA0B3D42", "href": "https://vuxml.freebsd.org/freebsd/00ec1be1-22bb-11e6-9ead-6805ca0b3d42.html", "title": "phpmyadmin -- XSS and sensitive data leakage", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "phpmyadmin": [{"lastseen": "2019-05-29T19:31:05", "bulletinFamily": "software", "cvelist": ["CVE-2016-5098"], "description": "## PMASA-2016-15\n\n**Announcement-ID:** PMASA-2016-15\n\n**Date:** 2016-05-25\n\n**Updated:** 2016-05-26\n\n### Summary\n\nFile Traversal Protection Bypass on Error Reporting\n\n### Description\n\nA specially crafted payload could result in the error reporting component exposing whether an arbitrary file exists on the file system and the size of that file.\n\nThe attacker must be able to intercept and modify the user's POST data and must be able to trigger a JavaScript error to the user.\n\nUpdated to include CVE ID.\n\n### Severity\n\nWe consider this to be non-critical.\n\n### Mitigation factor\n\nThis attack can be mitigated in affected installations by setting `$cfg['Servers'][$i]['SendErrorReports'] = 'never';`. Upgrading to a more recent development commit is suggested.\n\n### Affected Versions\n\nGit 'master' development branch. No released version was vulnerable.\n\n### Unaffected Versions\n\nAll released versions are not affected as they use precalculated data.\n\n### Solution\n\nUpgrade to a more recent snapshot or release version.\n\n### References\n\nThis issue was found thanks to [Mozilla SOS program](<https://wiki.mozilla.org/MOSS/Secure_Open_Source>).\n\nAssigned CVE ids: [CVE-2016-5098](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5098>)\n\nCWE ids: [CWE-661](<https://cwe.mitre.org/data/definitions/661.html>)\n\n### Patches\n\nThe following commits have been made on the 4.6 branch to fix this issue:\n\n * [d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8](<https://github.com/phpmyadmin/phpmyadmin/commit/d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8>)\n\n### More information\n\nFor further information and in case of questions, please contact the phpMyAdmin team. Our website is [ phpmyadmin.net](<https://www.phpmyadmin.net/>). \n", "edition": 2, "modified": "2016-05-26T00:00:00", "published": "2016-05-25T00:00:00", "id": "PHPMYADMIN:PMASA-2016-15", "href": "https://www.phpmyadmin.net/security/PMASA-2016-15/", "title": "File Traversal Protection Bypass on Error Reporting", "type": "phpmyadmin", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T19:31:04", "bulletinFamily": "software", "cvelist": ["CVE-2016-5097"], "description": "## PMASA-2016-14\n\n**Announcement-ID:** PMASA-2016-14\n\n**Date:** 2016-05-25\n\n**Updated:** 2016-05-30\n\n### Summary\n\nSensitive Data in URL GET Query Parameters\n\n### Description\n\nBecause user SQL queries are part of the URL, sensitive information made as part of a user query can be exposed by clicking on external links to attackers monitoring user GET query parameters or included in the webserver logs.\n\nUpdated to include CVE ID and added commits fixing most of problems in 4.0.10 branch.\n\n### Severity\n\nWe consider this to be non-critical.\n\n### Mitigation factor\n\nAvoid clicking on external links in phpMyAdmin which are not redirected through url.php script.\n\n### Affected Versions\n\nAll versions prior 4.6.2 are affected.\n\n### Solution\n\nUpgrade to phpMyAdmin 4.6.2 or newer or apply patches listed below.\n\n### References\n\nThis issue was found thanks to [Mozilla SOS program](<https://wiki.mozilla.org/MOSS/Secure_Open_Source>).\n\nAssigned CVE ids: [CVE-2016-5097](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5097>)\n\nCWE ids: [CWE-661](<https://cwe.mitre.org/data/definitions/661.html>)\n\n### Patches\n\nThe following commits have been made on the 4.6 branch to fix this issue:\n\n * [11eb574242d2526107366d367ab5585fbe29578f](<https://github.com/phpmyadmin/phpmyadmin/commit/11eb574242d2526107366d367ab5585fbe29578f>)\n * [5fc8020c5ba9cd2e38beb5dfe013faf2103cdf0f](<https://github.com/phpmyadmin/phpmyadmin/commit/5fc8020c5ba9cd2e38beb5dfe013faf2103cdf0f>)\n * [8326aaebe54083d9726e153abdd303a141fe5ad3](<https://github.com/phpmyadmin/phpmyadmin/commit/8326aaebe54083d9726e153abdd303a141fe5ad3>)\n * [59e56bd63a5e023b797d82eb272cd074e3b4bfd1](<https://github.com/phpmyadmin/phpmyadmin/commit/59e56bd63a5e023b797d82eb272cd074e3b4bfd1>)\n\nThe following commits have been made on the 4.0 branch to fix this issue:\n\n * [27505e1c2d8be8d8a89180a13c97b658796942f5](<https://github.com/phpmyadmin/phpmyadmin/commit/27505e1c2d8be8d8a89180a13c97b658796942f5>)\n * [b19c426726864496be026a7af6ad433a8b4bc9ae](<https://github.com/phpmyadmin/phpmyadmin/commit/b19c426726864496be026a7af6ad433a8b4bc9ae>)\n * [82fc97b15e1c3feb3d13c42fcb5966a5efafc910](<https://github.com/phpmyadmin/phpmyadmin/commit/82fc97b15e1c3feb3d13c42fcb5966a5efafc910>)\n * [b2054a18345a5fde44405c498a6d9947bfa4896f](<https://github.com/phpmyadmin/phpmyadmin/commit/b2054a18345a5fde44405c498a6d9947bfa4896f>)\n * [d26422eae58e05d689ce2efc9982945419007f10](<https://github.com/phpmyadmin/phpmyadmin/commit/d26422eae58e05d689ce2efc9982945419007f10>)\n * [6f413680b172ae0b25f2509f1c7bb21405e8eaf9](<https://github.com/phpmyadmin/phpmyadmin/commit/6f413680b172ae0b25f2509f1c7bb21405e8eaf9>)\n\n### More information\n\nFor further information and in case of questions, please contact the phpMyAdmin team. Our website is [ phpmyadmin.net](<https://www.phpmyadmin.net/>). \n", "edition": 2, "modified": "2016-05-30T00:00:00", "published": "2016-05-25T00:00:00", "id": "PHPMYADMIN:PMASA-2016-14", "href": "https://www.phpmyadmin.net/security/PMASA-2016-14/", "title": "Sensitive Data in URL GET Query Parameters", "type": "phpmyadmin", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T19:31:00", "bulletinFamily": "software", "cvelist": ["CVE-2016-5099"], "description": "## PMASA-2016-16\n\n**Announcement-ID:** PMASA-2016-16\n\n**Date:** 2016-05-25\n\n**Updated:** 2016-05-26\n\n### Summary\n\nSelf XSS\n\n### Description\n\nA specially crafted attack could allow for special HTML characters to be passed as URL encoded values and displayed back as special characters in the page.\n\nUpdated to include CVE ID.\n\n### Severity\n\nWe consider this to be non-critical.\n\n### Affected Versions\n\nVersions 4.4.x (prior to 4.4.15.6) and 4.6.x (prior to 4.6.2) are affected.\n\n### Solution\n\nUpgrade to phpMyAdmin 4.4.15.6 or 4.6.2 or newer or apply patch listed below.\n\n### References\n\nThis issue was found thanks to [Mozilla SOS program](<https://wiki.mozilla.org/MOSS/Secure_Open_Source>).\n\nAssigned CVE ids: [CVE-2016-5099](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5099>)\n\nCWE ids: [CWE-661](<https://cwe.mitre.org/data/definitions/661.html>)\n\n### Patches\n\nThe following commits have been made on the 4.6 branch to fix this issue:\n\n * [b061096abd992801fbbd805ef6ff74e627528780](<https://github.com/phpmyadmin/phpmyadmin/commit/b061096abd992801fbbd805ef6ff74e627528780>)\n\nThe following commits have been made on the 4.4 branch to fix this issue:\n\n * [78e71897be0902eb1d5d3d30a33b4417cd7d4d87](<https://github.com/phpmyadmin/phpmyadmin/commit/78e71897be0902eb1d5d3d30a33b4417cd7d4d87>)\n\n### More information\n\nFor further information and in case of questions, please contact the phpMyAdmin team. Our website is [ phpmyadmin.net](<https://www.phpmyadmin.net/>). \n", "edition": 2, "modified": "2016-05-26T00:00:00", "published": "2016-05-25T00:00:00", "id": "PHPMYADMIN:PMASA-2016-16", "href": "https://www.phpmyadmin.net/security/PMASA-2016-16/", "title": "Self XSS", "type": "phpmyadmin", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "debian": [{"lastseen": "2019-05-30T02:22:29", "bulletinFamily": "unix", "cvelist": ["CVE-2016-2040", "CVE-2016-5701", "CVE-2016-5731", "CVE-2016-2561", "CVE-2016-5705", "CVE-2016-1927", "CVE-2016-5099", "CVE-2016-2560", "CVE-2016-2039", "CVE-2016-5733", "CVE-2016-2041", "CVE-2016-5739", "CVE-2016-5706"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3627-1 security@debian.org\nhttps://www.debian.org/security/ Thijs Kinkhorst\nJuly 24, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : phpmyadmin\nCVE ID : CVE-2016-1927 CVE-2016-2039 CVE-2016-2040 CVE-2016-2041 \n CVE-2016-2560 CVE-2016-2561 CVE-2016-5099 CVE-2016-5701\n CVE-2016-5705 CVE-2016-5706 CVE-2016-5731 CVE-2016-5733\n CVE-2016-5739\n\nSeveral vulnerabilities have been fixed in phpMyAdmin, the web-based\nMySQL administration interface.\n\nCVE-2016-1927\n\n The suggestPassword function relied on a non-secure random number\n generator which makes it easier for remote attackers to guess\n generated passwords via a brute-force approach.\n\nCVE-2016-2039\n\n CSRF token values were generated by a non-secure random number\n genrator, which allows remote attackers to bypass intended access\n restrictions by predicting a value.\n\nCVE-2016-2040\n\n Multiple cross-site scripting (XSS) vulnerabilities allow remote\n authenticated users to inject arbitrary web script or HTML.\n\nCVE-2016-2041\n\n phpMyAdmin does not use a constant-time algorithm for comparing\n CSRF tokens, which makes it easier for remote attackers to bypass\n intended access restrictions by measuring time differences.\n\nCVE-2016-2560\n\n Multiple cross-site scripting (XSS) vulnerabilities allow remote\n attackers to inject arbitrary web script or HTML.\n\nCVE-2016-2561\n\n Multiple cross-site scripting (XSS) vulnerabilities allow remote\n attackers to inject arbitrary web script or HTML.\n\nCVE-2016-5099\n\n Multiple cross-site scripting (XSS) vulnerabilities allow remote\n attackers to inject arbitrary web script or HTML.\n\nCVE-2016-5701\n\n For installations running on plain HTTP, phpMyAdmin allows remote\n attackers to conduct BBCode injection attacks against HTTP sessions\n via a crafted URI.\n\nCVE-2016-5705\n\n Multiple cross-site scripting (XSS) vulnerabilities allow remote\n attackers to inject arbitrary web script or HTML.\n\nCVE-2016-5706\n\n phpMyAdmin allows remote attackers to cause a denial of service\n (resource consumption) via a large array in the scripts parameter.\n\nCVE-2016-5731\n\n A cross-site scripting (XSS) vulnerability allows remote\n attackers to inject arbitrary web script or HTML.\n\nCVE-2016-5733\n\n Multiple cross-site scripting (XSS) vulnerabilities allow remote\n attackers to inject arbitrary web script or HTML.\n\nCVE-2016-5739\n\n A specially crafted Transformation could leak information which\n a remote attacker could use to perform cross site request forgeries.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 4:4.2.12-2+deb8u2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4:4.6.3-1.\n\nWe recommend that you upgrade your phpmyadmin packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "modified": "2016-07-24T16:03:48", "published": "2016-07-24T16:03:48", "id": "DEBIAN:DSA-3627-1:EBE43", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00205.html", "title": "[SECURITY] [DSA 3627-1] phpmyadmin security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "gentoo": [{"lastseen": "2017-01-11T14:15:25", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5098", "CVE-2016-9854", "CVE-2016-6625", "CVE-2016-6615", "CVE-2016-9853", "CVE-2016-5704", "CVE-2016-6614", "CVE-2016-6612", "CVE-2016-9851", "CVE-2016-6617", "CVE-2016-5702", "CVE-2016-6633", "CVE-2016-9848", "CVE-2016-6611", "CVE-2016-6630", "CVE-2016-9863", "CVE-2016-6632", "CVE-2016-5701", "CVE-2016-4412", "CVE-2016-6616", "CVE-2016-9860", "CVE-2016-5730", "CVE-2016-6609", "CVE-2016-9865", "CVE-2016-9852", "CVE-2016-9856", "CVE-2016-9847", "CVE-2016-9858", "CVE-2016-6608", "CVE-2016-5731", "CVE-2016-6622", "CVE-2016-9850", "CVE-2016-6607", "CVE-2016-5097", "CVE-2016-6613", "CVE-2016-5734", "CVE-2016-6606", "CVE-2016-9864", "CVE-2016-5705", "CVE-2016-9859", "CVE-2016-5099", "CVE-2016-5732", "CVE-2016-6626", "CVE-2016-9857", "CVE-2016-5703", "CVE-2016-9855", "CVE-2016-9861", "CVE-2016-6610", "CVE-2016-6619", "CVE-2016-6629", "CVE-2016-6627", "CVE-2016-9849", "CVE-2016-5733", "CVE-2016-6620", "CVE-2016-6623", "CVE-2016-9862", "CVE-2016-5739", "CVE-2016-5706", "CVE-2016-6628", "CVE-2016-6624", "CVE-2016-6631", "CVE-2016-6618", "CVE-2016-9866"], "edition": 1, "description": "### Background\n\nphpMyAdmin is a web-based management tool for MySQL databases.\n\n### Description\n\nMultiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA authenticated remote attacker could exploit these vulnerabilities to execute arbitrary PHP Code, inject SQL code, or to conduct Cross-Site Scripting attacks. \n\nIn certain configurations, an unauthenticated remote attacker could cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll phpMyAdmin users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/phpmyadmin-4.6.5.1\"", "modified": "2017-01-11T00:00:00", "published": "2017-01-11T00:00:00", "href": "https://security.gentoo.org/glsa/201701-32", "id": "GLSA-201701-32", "type": "gentoo", "title": "phpMyAdmin: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
