Gentoo Security Advisory GLSA 200503-07 (phpMyAdmin) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200503-07.

Solution

All phpMyAdmin users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-db/phpmyadmin-2.6.1_p2-r1' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200503-07 http://bugs.gentoo.org/show_bug.cgi?id=83190 http://bugs.gentoo.org/show_bug.cgi?id=83792 http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-1 http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-2 http://sourceforge.net/tracker/index.php?func=detail&aid=1113788&group_id=23067&atid=377408

Insight

phpMyAdmin contains multiple vulnerabilities that could lead to command execution, XSS issues and bypass of security restrictions.

Severity

Classification

CVE CVE-2005-0543, CVE-2005-0544, CVE-2005-0653
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Gentoo Security Advisory GLSA 200404-10 ()
Gentoo Security Advisory GLSA 200408-05 (Opera)
Gentoo Security Advisory GLSA 200410-07 (ed)
Gentoo Security Advisory GLSA 200409-21 (apache)
Gentoo Security Advisory GLSA 200407-08 (Ethereal)

Take action and discover your vulnerabilities