8 matches found
Debian: Security Advisory (DLA-626-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2016-0291)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2016-6606
An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...
CVE-2016-6606
An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...
CVE-2016-6606
phpMyAdmin is affected by CVE-2016-6606 due to a padding oracle vulnerability in cookie-based encryption that could allow an attacker with access to a user’s browser cookie to decrypt the stored username and password. The issue also stems from reusing the same IV to hash the username and password...
Debian DLA-626-1 : phpmyadmin security update
Phpmyadmin, a web administration tool for MySQL, had several vulnerabilities reported. CVE-2016-6606 A pair of vulnerabilities were found affecting the way cookies are stored. The decryption of the username/password is vulnerable to a padding oracle attack. The can allow an attacker who has acces...
openSUSE Security Update : phpMyAdmin (openSUSE-2016-1021)
phpMyAdmin was updated to version 4.4.15.8 2016-08-16 to fix the following issues : - Upstream changelog for 4.4.15.8 : - Improve session cookie code for openid.php and signon.php example files - Full path disclosure in openid.php and signon.php example files - Unsafe generation of BlowfishSecret...
Weakness with cookie encryption
PMASA-2016-29 Announcement-ID: PMASA-2016-29 Date: 2016-07-07 Summary Weakness with cookie encryption Description A pair of vulnerabilities were found affecting the way cookies are stored. The decryption of the username/password is vulnerable to a padding oracle attack. The can allow an attacker...