Fedora 8 : phpMyAdmin-3.1.1-1.fc8 (2008-11221)

medium Nessus Plugin ID 35096

Synopsis

The remote Fedora host is missing a security update.

Description

Improvements for 3.1.1.0: - [core] Navi panel server links wrong - [core] bad session.save_path not detected - [core] Re-login causes PMA to forget current table name - [export] do not include view name in export - [display] enable copying of auto increment by default - [core] do not bail out creating session on any PHP warning - [display] properly update tooltips in navigation frame - [core] do not use ctype if it is not available - [display] HeaderFlipType 'fake' problems - [display] Incorrect size for view - [display] Drop-down menu blinking in FF - [lang] Catalan update - [lang] Finnish update - [core] Avoid error with BLOBstreaming support requiring SUPER privilege - [security] possible CSRF on several pages

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected phpMyAdmin package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=475954

http://www.nessus.org/u?9d04cff9

Plugin Details

Severity: Medium

ID: 35096

File Name: fedora_2008-11221.nasl

Version: 1.16

Type: local

Agent: unix

Published: 12/15/2008

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: Medium

Base Score: 6

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:phpmyadmin, cpe:/o:fedoraproject:fedora:8

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/13/2008

Reference Information

CVE: CVE-2008-5621

BID: 32720

CWE: 352

FEDORA: 2008-11221