15 matches found
openSUSE Security Update : phpMyAdmin (phpMyAdmin-442)
This is a version upgrade to phpMyAdmin 2.11.9.4 to fix various security bugs. CVE-2008-2960, CVE-2008-3197, CVE-2008-1149, CVE-2008-1567, CVE-2008-1924, CVE-2008-4096, CVE-2008-4326, CVE-2008-5621, CVE-2008-5622 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...
openSUSE 10 Security Update : phpMyAdmin (phpMyAdmin-5935)
This is a version upgrade to phpMyAdmin 2.11.9.4 to fix various security bugs. CVE-2008-2960, CVE-2008-3197, CVE-2008-1149, CVE-2008-1567, CVE-2008-1924, CVE-2008-4096, CVE-2008-4326, CVE-2008-5621, CVE-2008-5622 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...
Gentoo Security Advisory GLSA 200803-15 (phpmyadmin)
The remote host is missing updates announced in advisory GLSA 200803-15. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
FreeBSD Ports: phpmyadmin
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian Security Advisory DSA 1557-1 (phpmyadmin)
The remote host is missing an update to phpmyadmin announced via advisory DSA 1557-1. OpenVAS Vulnerability Test $Id: deb15571.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1557-1 phpmyadmin Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian: Security Advisory (DSA-1557-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1557-1 : phpmyadmin - insufficient input sanitising
Several remote vulnerabilities have been discovered in phpMyAdmin, an application to administrate MySQL over the WWW. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-1924 Attackers with CREATE table permissions were allowed to read arbitrary files...
[SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1557-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 24, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1557-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 24, 2008 http://www.debian.org/security/faq -...
DSA-1557-1 phpmyadmin - several vulnerabilities
Bulletin has no description...
[ GLSA 200803-15 ] phpMyAdmin: SQL injection vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200803-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...
Fedora 8 : phpMyAdmin-2.11.5-1.fc8 (2008-2189)
This is a bugfix-only version containing a security fix: Remove cookies from $REQUEST for better coexistence with other applications, thanks to Richard Cunningham. See PMASA-2008-1. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...
Fedora 7 : phpMyAdmin-2.11.5-1.fc7 (2008-2229)
This is a bugfix-only version containing a security fix: Remove cookies from $REQUEST for better coexistence with other applications, thanks to Richard Cunningham. See PMASA-2008-1. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...
CVE-2008-1149
phpMyAdmin before 2.11.5 accesses $REQUEST to obtain some parameters instead of $GET and $POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery CSRF attacks by using crafted cookies...
CVE-2008-1149
CVE-2008-1149 affects phpMyAdmin prior to 2.11.5, where code reads parameters from $_REQUEST (instead of $_GET/$_POST), enabling attackers in the same domain to override variables and perform SQL injection and CSRF via crafted cookies. The connected documents indicate this was addressed in later ...