Summary
The remote host is missing updates announced in
advisory GLSA 200402-05.
Solution
Users are encouraged to upgrade to phpMyAdmin-2.5.6_rc1:
# emerge sync
# emerge -pv '>=dev-db/phpmyadmin-2.5.6_rc1'
# emerge '>=dev-db/phpmyadmin-2.5.6_rc1'
# emerge clean
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200402-05 http://bugs.gentoo.org/show_bug.cgi?id=40268
http://cvs.sourceforge.net/viewcvs.py/phpmyadmin/phpMyAdmin/export.php?r1=2.3&r2=2.3.2.1
Insight
A vulnerability in phpMyAdmin which was not properly verifying user generated input could lead to a directory traversal attack.
Severity
Classification
-
CVE CVE-2004-0129 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities