8 matches found
phpMyAdmin 'libraries/select_lang.lib.php' Information Disclosure Vulnerability (PMASA-2015-1)
phpMyAdmin is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE =...
[SECURITY] [DSA 3382-1] phpmyadmin security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3382-1 [email protected] https://www.debian.org/security/ Thijs Kinkhorst October 28, 2015 https://www.debian.org/security/faq -...
[ MDVSA-2015:186 ] phpmyadmin
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:186 http://www.mandriva.com/en/support/security/ Package : phpmyadmin Date : March 31, 2015 Affected: Business Server 1.0 Problem Description: A vulnerability has been discovered and corrected in phpmyadmin:...
Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2015:186)
A vulnerability has been discovered and corrected in phpmyadmin : libraries/selectlang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with...
Fedora 22 : phpMyAdmin-4.3.11.1-1.fc22 (2015-3287)
phpMyAdmin 4.3.11.1 2015-03-04 ================================ - security Risk of BREACH attack, see PMASA-2015-1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format i...
CVE-2015-2206
libraries/selectlang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to...
CVE-2015-2206
phpMyAdmin vulnerability CVE-2015-2206 affects libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1. The flaw is caused by invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP...
Risk of BREACH attack due to reflected parameter.
PMASA-2015-1 Announcement-ID: PMASA-2015-1 Date: 2015-03-04 Summary Risk of BREACH attack due to reflected parameter. Description With a large number of crafted requests it was possible to infer the CSRF token by a BREACH attack. Severity We consider this vulnerability to be non critical...