Detections
Analytics

Debian DSA-880-1 : phpmyadmin - several vulnerabilities

medium Nessus Plugin ID 22746

Synopsis

The remote Debian host is missing a security-related update.

Description

Several cross-site scripting vulnerabilities have been discovered in phpmyadmin, a set of PHP-scripts to administrate MySQL over the WWW.
The Common Vulnerabilities and Exposures project identifies the following problems :

 - CAN-2005-2869 Andreas Kerber and Michal Cihar discovered several cross-site scripting vulnerabilities in the error page and in the cookie login.

 - CVE-2005-3300 Stefan Esser discovered missing safety checks in grab_globals.php that could allow an attacker to induce phpmyadmin to include an arbitrary local file.

 - CVE-2005-3301 Tobias Klein discovered several cross-site scripting vulnerabilities that could allow attackers to inject arbitrary HTML or client-side scripting.

The version in the old stable distribution (woody) has probably its own flaws and is not easily fixable without a full audit and patch session. The easier way is to upgrade it from woody to sarge.

Solution

Upgrade the phpmyadmin package.

For the stable distribution (sarge) these problems have been fixed in version 2.6.2-3sarge1.

See Also

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=328501

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335306

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335513

http://www.debian.org/security/2005/dsa-880

Plugin Details

Severity: Medium

ID: 22746

File Name: debian_DSA-880.nasl

Version: 1.20

Type: local

Agent: unix

Published: 10/14/2006

Updated: 1/4/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.8

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:phpmyadmin, cpe:/o:debian:debian_linux:3.1

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/2/2005

Vulnerability Publication Date: 7/19/2005

Reference Information

CVE: CVE-2005-2869, CVE-2005-3300, CVE-2005-3301

BID: 15169

DSA: 880