openSUSE Security Update : phpMyAdmin (openSUSE-SU-2012:0494-1)

update to 3.4.10.2 - security Fixed local path disclosure vulnerability, see PMASA-2012-2 http://www.phpmyadmin.net/homepage/security/PMASA-2012- 2.php %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

Fedora Update for phpMyAdmin FEDORA-2012-5631

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

phpMyAdmin 3.x 'show_config_errors.php'完整路径信息泄露漏洞

BUGTRAQ ID: 52858 CVE ID: CVE-2012-1902 phpMyAdmin是一个用PHP编写的，可以通过web方式控制和操作MySQL数据库。 phpMyAdmin在实现上存在安全漏洞，showconfigerrors.php没有验证配置文件的存在，因此错误信息中显示该文件的完整路径，导致信息泄露。 0 phpMyAdmin 3.x 厂商补丁： phpMyAdmin ---------- phpMyAdmin已经为此发布了一个安全公告（PMASA-2012-2）以及相应补丁: PMASA-2012-2：PMASA-2012-2...

FreeBSD Ports: phpMyAdmin

The remote host is missing an update to the system as announced in the referenced advisory. VID a81161d2-790f-11e1-ac16-e0cb4e266481 OpenVAS Vulnerability Test $ Description: Auto generated from VID a81161d2-790f-11e1-ac16-e0cb4e266481 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: phpMyAdmin

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

[ MDVSA-2012:050 ] phpmyadmin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:050 http://www.mandriva.com/security/ Package : phpmyadmin Date : April 3, 2012 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been found and corrected in phpmyadmin: It wa...

CVE-2012-1902

showconfigerrors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message about this missing file...

CVE-2012-1902

CVE-2012-1902 affects phpMyAdmin 3.4.x up to 3.4.10.2. When a configuration file is missing, the application exposes information via an error message that reveals the installation path, enabling potential information disclosure. Public references in the provided documents confirm a local path dis...

FreeBSD : phpMyAdmin -- Path disclosure due to missing verification of file presence (a81161d2-790f-11e1-ac16-e0cb4e266481)

The phpMyAdmin development team reports : The showconfigerrors.php scripts did not validate the presence of the configuration file, so an error message shows the full path of this file, leading to possible further attacks. For the error messages to be displayed, php.ini's errorreporting must be s...

Path disclosure due to missing verification of file presence.

PMASA-2012-2 Announcement-ID: PMASA-2012-2 Date: 2012-03-28 Summary Path disclosure due to missing verification of file presence. Description The showconfigerrors.php scripts did not validate the presence of the configuration file, so an error message shows the full path of this file, leading to...