FreeBSD Ports: Phpmyadmin Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://secunia.com/advisories/29944/ http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-3 http://www.vuxml.org/freebsd/fe971a0f-1246-11dd-bab7-0016179b2dd5.html

Insight

The following package is affected: phpmyadmin CVE-2008-1924 Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows attackers with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.

Severity

Classification

CVE CVE-2008-1924
CVSS Base Score: 3.5
AV:N/AC:M/Au:S/C:P/I:N/A:N

Related Vulnerabilities

FreeBSD Ports: phpmyadmin
FreeBSD Ports: samba
FreeBSD Ports: p5-Config-IniFiles
FreeBSD Ports: urban
FreeBSD Ports: unzip, zh-unzip, ko-unzip

Take action and discover your vulnerabilities