Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.68864
Categoría:Mandrake Local Security Checks
Título:Mandriva Security Advisory MDVSA-2011:026 (phpmyadmin)
Resumen:NOSUMMARY
Descripción:Description:
The remote host is missing an update to phpmyadmin
announced via advisory MDVSA-2011:026.

Multiple vulnerabilities were discovered and corrected in phpmyadmin:

When the files README, ChangeLog or LICENSE have been removed from
their original place (possibly by the distributor), the scripts used
to display these files can show their full path, leading to possible
further attacks (CVE-2011-0986).

It was possible to create a bookmark which would be executed
unintentionally by other users (CVE-2011-0987).

The updated packages have been upgraded to the latest versions to
mitigate these issues.

Affected: Corporate 4.0, Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2011:026
http://www.phpmyadmin.net/home_page/security/PMASA-2011-1.php
http://www.phpmyadmin.net/home_page/security/PMASA-2011-2.php

Risk factor : High

CVSS Score:
6.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-0986
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054349.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054355.html
http://www.mandriva.com/security/advisories?name=MDVSA-2011:026
http://secunia.com/advisories/43478
http://www.vupen.com/english/advisories/2011/0385
XForce ISS Database: phpmyadmin-readme-path-disclosure(65424)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65424
Common Vulnerability Exposure (CVE) ID: CVE-2011-0987
BugTraq ID: 46359
http://www.securityfocus.com/bid/46359
Debian Security Information: DSA-2167 (Google Search)
http://www.debian.org/security/2011/dsa-2167
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054525.html
http://secunia.com/advisories/43324
http://secunia.com/advisories/43391
http://www.vupen.com/english/advisories/2011/0381
http://www.vupen.com/english/advisories/2011/0409
http://www.vupen.com/english/advisories/2011/0512
http://www.vupen.com/english/advisories/2011/0570
XForce ISS Database: phpmyadmin-bookmark-security-bypass(65390)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65390
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.