Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200803-15 (phpmyadmin)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.60518

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200803-15 (phpmyadmin)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing updates announced in
advisory GLSA 200803-15.

A SQL injection vulnerability has been discovered in phpMyAdmin.

Solution:
All phpMyAdmin users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-db/phpmyadmin-2.11.5'

http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200803-15
http://bugs.gentoo.org/show_bug.cgi?id=212000

CVSS Score:
5.1

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-1149
BugTraq ID: 28068
http://www.securityfocus.com/bid/28068
Debian Security Information: DSA-1557 (Google Search)
http://www.debian.org/security/2008/dsa-1557
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00069.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00100.html
http://www.gentoo.org/security/en/glsa/glsa-200803-15.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:131
http://secunia.com/advisories/29143
http://secunia.com/advisories/29200
http://secunia.com/advisories/29287
http://secunia.com/advisories/29964
http://secunia.com/advisories/30816
http://secunia.com/advisories/32834
http://secunia.com/advisories/33822
SuSE Security Announcement: SUSE-SR:2008:026 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html
SuSE Security Announcement: SUSE-SR:2009:003 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html
http://www.vupen.com/english/advisories/2008/0731
http://www.vupen.com/english/advisories/2008/0758
XForce ISS Database: phpmyadmin-request-sql-injection(40968)
https://exchange.xforce.ibmcloud.com/vulnerabilities/40968

Copyright Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.60518
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200803-15 (phpmyadmin)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory GLSA 200803-15. A SQL injection vulnerability has been discovered in phpMyAdmin. Solution: All phpMyAdmin users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-db/phpmyadmin-2.11.5' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200803-15 http://bugs.gentoo.org/show_bug.cgi?id=212000 CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1149 BugTraq ID: 28068 http://www.securityfocus.com/bid/28068 Debian Security Information: DSA-1557 (Google Search) http://www.debian.org/security/2008/dsa-1557 https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00069.html https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00100.html http://www.gentoo.org/security/en/glsa/glsa-200803-15.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:131 http://secunia.com/advisories/29143 http://secunia.com/advisories/29200 http://secunia.com/advisories/29287 http://secunia.com/advisories/29964 http://secunia.com/advisories/30816 http://secunia.com/advisories/32834 http://secunia.com/advisories/33822 SuSE Security Announcement: SUSE-SR:2008:026 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html SuSE Security Announcement: SUSE-SR:2009:003 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html http://www.vupen.com/english/advisories/2008/0731 http://www.vupen.com/english/advisories/2008/0758 XForce ISS Database: phpmyadmin-request-sql-injection(40968) https://exchange.xforce.ibmcloud.com/vulnerabilities/40968
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com