Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2011:198 | First vendor Publication | 2011-12-31 |
Vendor | Mandriva | Last vendor Modification | 2011-12-31 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 4.3 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple vulnerabilities has been found and corrected in phpmyadmin: Importing a specially-crafted XML file which contains an XML entity injection permits to retrieve a local file (limited by the privileges of the user running the web server) (CVE-2011-4107). Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produce XSS when editing a query on a table overview panel or when using the view creation dialog. Using a crafted column type, it was possible to produce XSS in the table search and create index dialogs (CVE-2011-4634). Crafted values entered in the setup interface can produce XSS; also, if the config directory exists and is writeable, the XSS payload can be saved to this directory (CVE-2011-4782). Using crafted url parameters, it was possible to produce XSS on the export panels in the server, database and table sections (CVE-2011-4780). This upgrade provides the latest phpmyadmin version (3.4.9) to address these vulnerabilities. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2011:198 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
75 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
25 % | CWE-611 | Information Leak Through XML External Entity File Disclosure |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15400 | |||
Oval ID: | oval:org.mitre.oval:def:15400 | ||
Title: | DSA-2391-1 phpmyadmin -- several | ||
Description: | Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-4107 The XML import plugin allowed a remote attacker to read arbitrary files via XML data containing external entity references. CVE-2011-1940, CVE-2011-3181 Cross site scripting was possible in the table tracking feature, allowing a remote attacker to inject arbitrary web script or HTML. The oldstable distribution is not affected by these problems. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2391-1 CVE-2011-1940 CVE-2011-3181 CVE-2011-4107 | Version: | 7 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | phpmyadmin |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2012-01-14 | phpMyAdmin 3.3.X and 3.4.X - Local File Inclusion via XXE Injection |
OpenVAS Exploits
Date | Description |
---|---|
2012-04-02 | Name : Fedora Update for phpMyAdmin FEDORA-2011-16768 File : nvt/gb_fedora_2011_16768_phpMyAdmin_fc16.nasl |
2012-04-02 | Name : Fedora Update for phpMyAdmin FEDORA-2011-17369 File : nvt/gb_fedora_2011_17369_phpMyAdmin_fc16.nasl |
2012-03-19 | Name : Fedora Update for phpMyAdmin FEDORA-2011-15841 File : nvt/gb_fedora_2011_15841_phpMyAdmin_fc16.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-01 (phpMyAdmin) File : nvt/glsa_201201_01.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2391-1 (phpmyadmin) File : nvt/deb_2391_1.nasl |
2012-01-09 | Name : Fedora Update for phpMyAdmin FEDORA-2011-17370 File : nvt/gb_fedora_2011_17370_phpMyAdmin_fc15.nasl |
2012-01-09 | Name : Mandriva Update for phpmyadmin MDVSA-2011:198 (phpmyadmin) File : nvt/gb_mandriva_MDVSA_2011_198.nasl |
2011-12-23 | Name : phpMyAdmin Setup '$host' Variable Cross Site Scripting Vulnerability File : nvt/secpod_phpmyadmin_setup_host_var_xss_vuln.nasl |
2011-12-19 | Name : Fedora Update for phpMyAdmin FEDORA-2011-16786 File : nvt/gb_fedora_2011_16786_phpMyAdmin_fc15.nasl |
2011-11-25 | Name : Fedora Update for phpMyAdmin FEDORA-2011-15831 File : nvt/gb_fedora_2011_15831_phpMyAdmin_fc14.nasl |
2011-11-25 | Name : Fedora Update for phpMyAdmin FEDORA-2011-15846 File : nvt/gb_fedora_2011_15846_phpMyAdmin_fc15.nasl |
0000-00-00 | Name : FreeBSD Ports: phpMyAdmin File : nvt/freebsd_phpMyAdmin27.nasl |
0000-00-00 | Name : FreeBSD Ports: phpMyAdmin File : nvt/freebsd_phpMyAdmin28.nasl |
0000-00-00 | Name : FreeBSD Ports: phpMyAdmin File : nvt/freebsd_phpMyAdmin29.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
78036 | phpMyAdmin libraries/display_export.lib.php Multiple Export Panel URL Paramet... |
78034 | phpMyAdmin Create Index Dialog Column Type XSS phpMyAdmin contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'Column Type' field upon submission to the Create Index dialog. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
78033 | phpMyAdmin Table Search Dialog Column Type XSS phpMyAdmin contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'Column Type' field upon submission to the Table Search dialog. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
78032 | phpMyAdmin View Creation Dialog Failed SQL Query XSS phpMyAdmin contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input passed via a failed SQL query upon submission to the View Creation dialog. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
78031 | phpMyAdmin Table Overview Panel Failed SQL Query XSS phpMyAdmin contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input passed via a failed SQL query upon submission to the Table Overview panel. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
78030 | phpMyAdmin Database Rename Panel Database Name XSS phpMyAdmin contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'database name' field upon submission to the Database Rename panel. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
78029 | phpMyAdmin Database Synchronize Panel Database Name XSS phpMyAdmin contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'database name' field upon submission to the Database Synchronize panel. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
77983 | phpMyAdmin Setup Interface $host Parameter XSS phpMyAdmin contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the $host parameter upon submission to the setup interface. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
76798 | phpMyadmin libraries/import/xml.php XML Data Entity References Parsing Remote... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-18.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2011-94.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2011-14.nasl - Type : ACT_GATHER_INFO |
2012-05-21 | Name : The remote web server hosts a PHP application that is affected by an informat... File : phpmyadmin_pmasa_2011_17.nasl - Type : ACT_GATHER_INFO |
2012-01-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2391.nasl - Type : ACT_GATHER_INFO |
2012-01-05 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201201-01.nasl - Type : ACT_GATHER_INFO |
2012-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2011-17369.nasl - Type : ACT_GATHER_INFO |
2012-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2011-17370.nasl - Type : ACT_GATHER_INFO |
2011-12-23 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_8c83145d2c9511e189b4001ec9578670.nasl - Type : ACT_GATHER_INFO |
2011-12-22 | Name : The remote web server hosts a PHP application that is affected by two cross-s... File : phpmyadmin_pmasa_2011_20.nasl - Type : ACT_GATHER_INFO |
2011-12-19 | Name : The remote Fedora host is missing a security update. File : fedora_2011-16786.nasl - Type : ACT_GATHER_INFO |
2011-12-19 | Name : The remote Fedora host is missing a security update. File : fedora_2011-16768.nasl - Type : ACT_GATHER_INFO |
2011-12-19 | Name : The remote web server contains a PHP application that is affected by a cross-... File : phpmyadmin_pmasa_2011_18.nasl - Type : ACT_GATHER_INFO |
2011-12-02 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_ed5363361c5711e186f4e0cb4e266481.nasl - Type : ACT_GATHER_INFO |
2011-11-23 | Name : The remote Fedora host is missing a security update. File : fedora_2011-15846.nasl - Type : ACT_GATHER_INFO |
2011-11-23 | Name : The remote Fedora host is missing a security update. File : fedora_2011-15841.nasl - Type : ACT_GATHER_INFO |
2011-11-23 | Name : The remote Fedora host is missing a security update. File : fedora_2011-15831.nasl - Type : ACT_GATHER_INFO |
2011-11-14 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_1f6ee7080d2211e1b5bd14dae938ec40.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-07-28 01:03:32 |
|