Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title New phppgadmin packages fix regression
Informations
Name DSA-1693 First vendor Publication 2008-12-27
Vendor Debian Last vendor Modification 2009-01-21
Severity (Vendor) N/A Revision 2

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The security update for phpPgAdmin in DSA-1693-1 caused a regression in modifying table fields. This updates corrects that flaw. For reference the original advisory follows.

Several remote vulnerabilities have been discovered in phpPgAdmin, a tool to administrate PostgreSQL database over the web. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2007-2865

  Cross-site scripting vulnerability allows remote attackers to inject   arbitrary web script or HTML via the server parameter.

CVE-2007-5728

  Cross-site scripting vulnerability allows remote attackers to inject   arbitrary web script or HTML via PHP_SELF.

CVE-2008-5587

  Directory traversal vulnerability allows remote attackers to read   arbitrary files via _language parameter.

For the stable distribution (etch), these problems have been fixed in version 4.0.1-3.1etch2.

We recommend that you upgrade your phppgadmin package.

Original Source

Url : http://www.debian.org/security/2009/dsa-1693

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)
50 % CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:19797
 
Oval ID: oval:org.mitre.oval:def:19797
Title: DSA-1693-1 phppgadmin - several vulnerabilities
Description: Several remote vulnerabilities have been discovered in phpPgAdmin, a tool to administrate PostgreSQL database over the web.
Family: unix Class: patch
Reference(s): DSA-1693-1
CVE-2007-2865
CVE-2007-5728
CVE-2008-5587
 Version: 5
Platform(s): Debian GNU/Linux 4.0
 Product(s): phppgadmin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7719
 
Oval ID: oval:org.mitre.oval:def:7719
Title: DSA-1693 phppgadmin -- several vulnerabilities
Description: Several remote vulnerabilities have been discovered in phpPgAdmin, a tool to administrate PostgreSQL database over the web. The Common Vulnerabilities and Exposures project identifies the following problems: Cross-site scripting vulnerability allows remote attackers to inject arbitrary web script or HTML via the server parameter. Cross-site scripting vulnerability allows remote attackers to inject arbitrary web script or HTML via PHP_SELF. Directory traversal vulnerability allows remote attackers to read arbitrary files via _language parameter. For the stable distribution (etch), these problems have been fixed in version 4.0.1-3.1etch2. For the unstable distribution (sid), these problems have been fixed in version 4.2.1-1.1. We recommend that you upgrade your phppgadmin package.
Family: unix Class: patch
Reference(s): DSA-1693
CVE-2007-2865
CVE-2007-5728
CVE-2008-5587
 Version: 3
Platform(s): Debian GNU/Linux 4.0
 Product(s): phppgadmin
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 12

OpenVAS Exploits

Date Description
2009-06-05 Name : Ubuntu USN-698-3 (nagios2)
File : nvt/ubuntu_698_3.nasl
2009-03-20 Name : FreeBSD Ports: phppgadmin
File : nvt/freebsd_phppgadmin1.nasl
2009-02-27 Name : Fedora Update for phpPgAdmin FEDORA-2007-0469
File : nvt/gb_fedora_2007_0469_phpPgAdmin_fc7.nasl
2009-02-18 Name : SuSE Security Summary SUSE-SR:2009:004
File : nvt/suse_sr_2009_004.nasl
2009-02-13 Name : Fedora Update for phpPgAdmin FEDORA-2008-11564
File : nvt/gb_fedora_2008_11564_phpPgAdmin_fc10.nasl
2009-02-13 Name : Fedora Update for phpPgAdmin FEDORA-2008-11576
File : nvt/gb_fedora_2008_11576_phpPgAdmin_fc8.nasl
2009-02-13 Name : Fedora Update for phpPgAdmin FEDORA-2008-11602
File : nvt/gb_fedora_2008_11602_phpPgAdmin_fc9.nasl
2008-12-29 Name : Debian Security Advisory DSA 1693-1 (phppgadmin)
File : nvt/deb_1693_1.nasl
2008-09-04 Name : FreeBSD Ports: phppgadmin
File : nvt/freebsd_phppgadmin0.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
50545 phpPgAdmin index.php _language Parameter Traversal Local File Inclusion
40432 phpPgAdmin redirect.php url Parameter Remote File Inclusion

phpPgAdmin contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'redirect.php' script not properly sanitizing user input supplied to the 'url' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
38138 phpPgAdmin sqledit.php server Parameter XSS

phpPgAdmin contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'server' parameter upon submission to the 'sqledit.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
36699 phpPgAdmin redirect.php URL XSS

Snort® IPS/IDS

Date Description
2014-01-10 script tag in POST parameters - likely cross-site scripting
RuleID : 21782 - Revision : 9 - Type : INDICATOR-OBFUSCATION
2014-01-10 cross-site scripting attempt via form data attempt
RuleID : 19645 - Revision : 13 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date Description
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-219.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_phpPgAdmin-090205.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_phpPgAdmin-090205.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Fedora host is missing a security update.
File : fedora_2008-11564.nasl - Type : ACT_GATHER_INFO
2009-03-17 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_4ce3c20b124b11dea9640030843d3802.nasl - Type : ACT_GATHER_INFO
2009-02-13 Name : The remote openSUSE host is missing a security update.
File : suse_phpPgAdmin-5984.nasl - Type : ACT_GATHER_INFO
2008-12-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1693.nasl - Type : ACT_GATHER_INFO
2008-12-21 Name : The remote Fedora host is missing a security update.
File : fedora_2008-11576.nasl - Type : ACT_GATHER_INFO
2008-12-21 Name : The remote Fedora host is missing a security update.
File : fedora_2008-11602.nasl - Type : ACT_GATHER_INFO
2008-12-08 Name : The remote web server contains a PHP application that is susceptible to a loc...
File : phppgadmin_language_file_include.nasl - Type : ACT_ATTACK
2008-01-08 Name : The remote openSUSE host is missing a security update.
File : suse_phpPgAdmin-4713.nasl - Type : ACT_GATHER_INFO
2007-11-06 Name : The remote Fedora host is missing a security update.
File : fedora_2007-0469.nasl - Type : ACT_GATHER_INFO
2007-06-05 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_3d0e724e129b11dc9f790016179b2dd5.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:28:05
  • Multiple Updates