Lucene search

K
ubuntucve
Ubuntu.comUB:CVE-2011-2719
HistoryAug 01, 2011 - 12:00 a.m.

CVE-2011-2719

2011-08-0100:00:00
ubuntu.com
ubuntu.com
9

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.028 Low

EPSS

Percentile

90.2%

libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3
and 3.4.x before 3.4.3.2 does not properly manage sessions associated with
Swekey authentication, which allows remote attackers to modify the SESSION
superglobal array, other superglobal arrays, and certain
swekey.auth.lib.php local variables via a crafted query string, a related
issue to CVE-2011-2505.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntuupstreamnoarchphpmyadmin< 3.3.10.3,3.4.3.2UNKNOWN
How to protect your server from attacks?

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.028 Low

EPSS

Percentile

90.2%

Related for UB:CVE-2011-2719