Fedora 22 : php-udan11-sql-parser-3.0.4-1.fc22 / phpMyAdmin-4.5.1-1.fc22 (2015-17908c56c1)

medium Nessus Plugin ID 89157

Synopsis

The remote Fedora host is missing one or more security updates.

Description

phpMyAdmin 4.5.1.0 (2015-10-23) =============================== - Invalid argument supplied for foreach() - array_key_exists() expects parameter 2 to be array - Notice Undefined index: drop_database - Server variable edition in ANSI_QUOTES sql_mode: losing current value
- Propose table structure broken - phpMyAdmin suggests upgrading to newer version not usable on that system - 'PMA_Microhistory' is undefined - Incorrect definition for getTablesWhenOpen() - Error when creating new user on MariaDB 10.0.21 - Notice on htmlspecialchars() - Notice in Structure page of views - AUTO_INCREMENT always exported when IF NOT EXISTS is on - Some partitions are missing in copied table
- Notice of undefined variable when performing SHOW CREATE - Error exporting sql query results with table alias - SQL editing window does not recognise 'OUTER' keyword in 'LEFT OUTER JOIN' - 'NOT IN' clause not recognized (MySQL 5.6 and 5.7) - Yellow star does not change in database Structure after add/remove from favorites - Invalid SQL in table definition when exporting table - Foreign key to other database's tables fails - Bug while exporting results when a joined table field name is in SELECT query - Strange behavior on table rename
- Rename table does not result in refresh in left panel - Missing arguments for PMA_Table::generateAlter() - Notices about undefined indexes on structure pages of information_schema tables

- Change minimum PHP version for Composer - Import parser and backslash - 'Visualize GIS data' seems to be broken
- Confirm box on 'Reset slave' option - Fix cookies clearing on version change - Cannot execute SQL with subquery - Incorrect syntax creating a user using mysql_native_password with MariaDB - Cannot use third-party auth plugins

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected php-udan11-sql-parser and / or phpMyAdmin packages.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=1275108

http://www.nessus.org/u?5528164e

http://www.nessus.org/u?6a6f8688

Plugin Details

Severity: Medium

ID: 89157

File Name: fedora_2015-17908c56c1.nasl

Version: 2.3

Type: local

Agent: unix

Published: 3/4/2016

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:phpmyadmin, p-cpe:/a:fedoraproject:fedora:php-udan11-sql-parser, cpe:/o:fedoraproject:fedora:22

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 10/30/2015

Reference Information

CVE: CVE-2015-7873