Debian Security Advisory DSA 1557-1 (phpmyadmin)

The remote host is missing an update to phpmyadmin announced via advisory DSA 1557-1. OpenVAS Vulnerability Test $Id: deb15571.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1557-1 phpmyadmin Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian: Security Advisory (DSA-1557-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-1557-1 : phpmyadmin - insufficient input sanitising

Several remote vulnerabilities have been discovered in phpMyAdmin, an application to administrate MySQL over the WWW. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-1924 Attackers with CREATE table permissions were allowed to read arbitrary files...

FreeBSD : phpmyadmin -- Username/Password Session File Information Disclosure (6eb1dc51-1244-11dd-bab7-0016179b2dd5)

A phpMyAdmin security announcement report : phpMyAdmin saves sensitive information like the MySQL username and password and the Blowfish secret key in session data, which might be unprotected on a shared host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

FreeBSD : phpmyadmin -- Shared Host Information Disclosure (fe971a0f-1246-11dd-bab7-0016179b2dd5)

A phpMyAdmin security announcement report : It is possible to read the contents of any file that the web server's user can access. The exact mechanism to achieve this won't be disclosed. If a user can upload on the same host where phpMyAdmin is running a PHP script that can read files with the...

[SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1557-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 24, 2008 http://www.debian.org/security/faq -...

phpMyAdmin共享主机远程信息泄露漏洞

BUGTRAQ ID: 28906 phpMyAdmin是用PHP编写的工具，用于通过WEB管理MySQL。 phpMyAdmin实现上存在漏洞，如果远程攻击者能够访问共享主机的话，就可以通过向phpMyAdmin发送特制的HTTP POST请求导致泄露敏感信息。 phpMyAdmin 2.11.5.2 phpMyAdmin ---------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

[SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1557-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 24, 2008 http://www.debian.org/security/faq -...

DSA-1557-1 phpmyadmin - several vulnerabilities

Bulletin has no description...

Design/Logic Flaw

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable...

CVE-2008-1924

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable...

CVE-2008-1924

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable...

DEBIAN-CVE-2008-1924

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable...

CVE-2008-1924

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable...

CVE-2008-1924

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable...

CVE-2008-1924

CVE-2008-1924 affects phpMyAdmin prior to 2.11.5.2 on shared hosts, enabling remote authenticated users with CREATE TABLE permissions to read arbitrary files via a crafted HTTP POST due to an undefined UploadDir variable. Connected advisories indicate remediation via upgrading to phpMyAdmin 2.11....

CVE-2008-1924

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable...

phpmyadmin -- Shared Host Information Disclosure

A phpMyAdmin security announcement report: It is possible to read the contents of any file that the web server's user can access. The exact mechanism to achieve this won't be disclosed. If a user can upload on the same host where phpMyAdmin is running a PHP script that can read files with the...

File disclosure on shared hosts via a crafted HTTP POST request.

PMASA-2008-3 Announcement-ID: PMASA-2008-3 Date: 2008-04-22 Updated: 2008-04-27 Summary File disclosure on shared hosts via a crafted HTTP POST request. Description We received an advisory from Cezary Tomczak, and we wish to thank him for his work. It is possible to read the contents of any file...

Fedora 7 : phpMyAdmin-2.11.5.1-1.fc7 (2008-2874)

This update addresses PMASA-2008-2 / CVE-2008-1567: phpMyAdmin upstream received an advisory from Jim Hermann: It saves sensitive information like the MySQL username and password and the Blowfish secret key in session data, which might be unprotected on a shared host...