Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:25228
HistoryDec 01, 2010 - 12:00 a.m.

[ MDVSA-2010:244 ] phpmyadmin

2010-12-0100:00:00
vulners.com
30
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2010:244
http://www.mandriva.com/security/

Package : phpmyadmin
Date : November 30, 2010
Affected: Corporate 4.0, Enterprise Server 5.0

Problem Description:

A vulnerability has been found and corrected in phpmyadmin:

It was possible to conduct a XSS attack using spoofed request on the
db search script (CVE-2010-4329).

This upgrade provides the latest phpmyadmin versions which is not
vulnerable to this security issue.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4329
http://www.phpmyadmin.net/home_page/security/PMASA-2010-8.php

Updated Packages:

Corporate 4.0:
87bb4457e07c68c7eddee73bc942fdb1 corporate/4.0/i586/phpMyAdmin-2.11.11.1-0.1.20060mlcs4.noarch.rpm
013a296d2c2aa39a34b30b6d9e5f460c corporate/4.0/SRPMS/phpMyAdmin-2.11.11.1-0.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
5c99ed5e8e313786e6f760076c81d2da corporate/4.0/x86_64/phpMyAdmin-2.11.11.1-0.1.20060mlcs4.noarch.rpm
013a296d2c2aa39a34b30b6d9e5f460c corporate/4.0/SRPMS/phpMyAdmin-2.11.11.1-0.1.20060mlcs4.src.rpm

Mandriva Enterprise Server 5:
70394e9ba0e8f350d6de2ca373dfd9b8 mes5/i586/phpmyadmin-3.3.8.1-0.1mdvmes5.1.noarch.rpm
b656823ea2dca7d61eb6ba85c3900470 mes5/SRPMS/phpmyadmin-3.3.8.1-0.1mdvmes5.1.src.rpm

Mandriva Enterprise Server 5/X86_64:
a3c6238fa1f3132a27a91aa503b6e2fc mes5/x86_64/phpmyadmin-3.3.8.1-0.1mdvmes5.1.noarch.rpm
b656823ea2dca7d61eb6ba85c3900470 mes5/SRPMS/phpmyadmin-3.3.8.1-0.1mdvmes5.1.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFM9MZBmqjQ0CJFipgRApUnAKDWTed6RtWZoUpy6VO0dea56dMivgCgjuzB
QWpx1KX1wp8A2aQ6IUyyCTg=
=+E4U
-----END PGP SIGNATURE-----

Related

nessus 4
ubuntucve 1
openvas 11
seebug 1
fedora 2
debiancve 1
cve 1
freebsd 1
prion 1
phpmyadmin 1
osv 1
debian 1
securityvulns 3
nessus
nessus
FreeBSD : phpMyAdmin -- XSS attack in database search (753f8185-5ba9-42a4-be02-3f55ee580093)
2010-11-30 00:00:00
Fedora 13 : phpMyAdmin-3.3.8.1-1.fc13 (2010-18371)
2010-12-09 00:00:00
Fedora 14 : phpMyAdmin-3.3.8.1-1.fc14 (2010-18343)
2010-12-09 00:00:00
ubuntucve
ubuntucve
CVE-2010-4329
2010-12-02 00:00:00
openvas
openvas
Fedora Update for phpMyAdmin FEDORA-2010-18343
2010-12-23 00:00:00
Mandriva Update for phpmyadmin MDVSA-2010:244 (phpmyadmin)
2010-12-09 00:00:00
FreeBSD Ports: phpMyAdmin
2011-01-24 00:00:00
seebug
seebug
phpMyAdminๆ•ฐๆฎๅบ“ๆœ็ดข่ทจ็ซ™่„šๆœฌๆ‰ง่กŒๆผๆดž
2010-12-09 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: phpMyAdmin-3.3.8.1-1.fc13
2010-12-08 21:36:02
[SECURITY] Fedora 14 Update: phpMyAdmin-3.3.8.1-1.fc14
2010-12-08 21:34:18
debiancve
debiancve
CVE-2010-4329
2010-12-02 16:22:00
cve
cve
CVE-2010-4329
2010-12-02 16:22:00
freebsd
freebsd
phpMyAdmin -- XSS attack in database search
2010-11-29 00:00:00
prion
prion
Cross site scripting
2010-12-02 16:22:00
phpmyadmin
phpmyadmin
XSS attack in database search.
2010-11-29 00:00:00
osv
osv
phpmyadmin - several
2010-12-31 00:00:00
debian
debian
[SECURITY] [DSA 2139-1] New phpmyadmin packages fix several vulnerabilities
2010-12-31 15:57:29
securityvulns
securityvulns
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2011-01-03 00:00:00
[SECURITY] [DSA 2139-1] New phpmyadmin packages fix several vulnerabilities
2011-01-03 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2010-12-01 00:00:00
JSON
Related for SECURITYVULNS:DOC:25228
nessus4ubuntucve1openvas11seebug1fedora2debiancve1cve1freebsd1prion1phpmyadmin1osv1debian1securityvulns3