Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.30 views

Debian: Security Advisory (DLA-626-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.4AI score0.0475EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.28 views

Mageia: Security Advisory (MGASA-2016-0291)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.6AI score0.0475EPSS
Exploits0References30
OSV
OSV
added 2016/12/11 2:59 a.m.3 views

UBUNTU-CVE-2016-6606

An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...

8.1CVSS7.3AI score0.01386EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2016/12/11 2:0 a.m.23 views

CVE-2016-6606

An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...

8.1CVSS8.8AI score0.01386EPSS
Exploits0
CVE
CVE
added 2016/12/11 2:0 a.m.132 views

CVE-2016-6606

phpMyAdmin is affected by CVE-2016-6606 due to a padding oracle vulnerability in cookie-based encryption that could allow an attacker with access to a user’s browser cookie to decrypt the stored username and password. The issue also stems from reusing the same IV to hash the username and password...

8.1CVSS8.5AI score0.01386EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/09/19 12:0 a.m.51 views

Debian DLA-626-1 : phpmyadmin security update

Phpmyadmin, a web administration tool for MySQL, had several vulnerabilities reported. CVE-2016-6606 A pair of vulnerabilities were found affecting the way cookies are stored. The decryption of the username/password is vulnerable to a padding oracle attack. The can allow an attacker who has acces...

9.8CVSS7.1AI score0.0475EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2016/08/30 12:0 a.m.40 views

openSUSE Security Update : phpMyAdmin (openSUSE-2016-1021)

phpMyAdmin was updated to version 4.4.15.8 2016-08-16 to fix the following issues : - Upstream changelog for 4.4.15.8 : - Improve session cookie code for openid.php and signon.php example files - Full path disclosure in openid.php and signon.php example files - Unsafe generation of BlowfishSecret...

10CVSS7AI score0.0475EPSS
Exploits0References30
phpMyAdmin
phpMyAdmin
added 2016/07/07 12:0 a.m.74 views

Weakness with cookie encryption

PMASA-2016-29 Announcement-ID: PMASA-2016-29 Date: 2016-07-07 Summary Weakness with cookie encryption Description A pair of vulnerabilities were found affecting the way cookies are stored. The decryption of the username/password is vulnerable to a padding oracle attack. The can allow an attacker...

8.1CVSS7.2AI score0.01386EPSS
Exploits0Affected Software1
Rows per page
Query Builder