phpMyAdmin < 3.3.10.1 / 3.4.1 Multiple Vulnerabilities (PMASA-2011-03 - PMASA-2011-04

medium Nessus Plugin ID 55023

Synopsis

The remote web server contains a PHP application that is affected by multiple vulnerabilities.

Description

The remote host contains a version of phpMyAdmin - 3.3.x less than 3.3.10.1 or 3.4.x less than 3.4.1 - that is affected by multiple vulnerabilities:

- The scripts 'tbl_links.php' and 'tbl-tracking' fail to filter input to the 'table' and 'db' parameters. An attacker may be able to exploit this issue to inject arbitrary HTML and script code into a user's browser, to be executed within the security context of the affected application, resulting in the theft of session cookies and a compromise of a user's account.
(Issue #2011-03)

- For versions 3.4.x < 3.4.1, the script 'url.php' fails to validate input to the 'url' parameter before redirecting to a specified location. (Issue #2011-04)

Solution

Upgrade to phpMyAdmin version 3.3.10.1 / 3.4.1 or later.

See Also

https://www.phpmyadmin.net/security/PMASA-2011-3/

https://www.phpmyadmin.net/security/PMASA-2011-4/

Plugin Details

Severity: Medium

ID: 55023

File Name: phpmyadmin_pmasa_2011_3.nasl

Version: 1.11

Type: remote

Family: CGI abuses

Published: 6/9/2011

Updated: 4/11/2022

Configuration: Enable paranoid mode, Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:phpmyadmin:phpmyadmin

Required KB Items: www/PHP, Settings/ParanoidReport, www/phpMyAdmin

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Patch Publication Date: 5/22/2011

Vulnerability Publication Date: 5/22/2011

Reference Information

CVE: CVE-2011-1940, CVE-2011-1941

BID: 47943, 47945

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990

SECUNIA: 44641