Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-1821-1:AF0F6
HistoryJun 17, 2019 - 8:41 p.m.

[SECURITY] [DLA 1821-1] phpmyadmin security update

2019-06-1720:41:59
lists.debian.org
135

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.2%

JSON

Package : phpmyadmin
Version : 4:4.2.12-2+deb8u6
CVE ID : CVE-2016-6606 CVE-2016-6607 CVE-2016-6611 CVE-2016-6612
CVE-2016-6613 CVE-2016-6624 CVE-2016-6626 CVE-2016-6627
CVE-2016-6628 CVE-2016-6630 CVE-2016-6631 CVE-2016-6632
CVE-2016-9849 CVE-2016-9850 CVE-2016-9861 CVE-2016-9864
CVE-2019-12616
Debian Bug : 930017

Multiple security vulnerabilities were fixed in phpmyadmin, a MySQL web
administration tool, which prevent possible SQL injection attacks, CSRF,
the bypass of user restrictions, information disclosure or
denial-of-service.

For Debian 8 "Jessie", these problems have been fixed in version
4:4.2.12-2+deb8u6.

We recommend that you upgrade your phpmyadmin packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian7allphpmyadmin< 4:3.4.11.1-2+deb7u6phpmyadmin_4:3.4.11.1-2+deb7u6_all.deb
Debian8allphpmyadmin< 4:4.2.12-2+deb8u6phpmyadmin_4:4.2.12-2+deb8u6_all.deb

Related

nessus 12
openvas 11
osv 15
debian 2
mageia 1
freebsd 2
suse 1
prion 18
debiancve 17
nvd 19
phpmyadmin 17
alpinelinux 17
cvelist 17
gentoo 1
ubuntucve 17
cve 18
github 7
zdt 1
veracode 1
checkpoint_advisories 1
exploitpack 1
nuclei 1
packetstorm 1
exploitdb 1
nessus
nessus
Debian DLA-1821-1 : phpmyadmin security update
2019-06-18 00:00:00
Debian DLA-757-1 : phpmyadmin security update
2016-12-27 00:00:00
Debian DLA-626-1 : phpmyadmin security update
2016-09-19 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-1821-1)
2019-06-18 00:00:00
Debian: Security Advisory (DLA-626-1)
2023-03-08 00:00:00
Debian: Security Advisory (DLA-757-1)
2023-03-08 00:00:00
osv
osv
phpmyadmin - security update
2019-06-16 00:00:00
phpmyadmin - security update
2016-09-17 00:00:00
phpmyadmin - security update
2016-12-24 00:00:00
debian
debian
[SECURITY] [DLA 757-1] phpmyadmin security update
2016-12-24 22:29:29
[SECURITY] [DLA 626-1] phpmyadmin security update
2016-09-17 21:19:36
mageia
mageia
Updated phpmyadmin packages fix security vulnerability
2016-08-31 18:32:33
freebsd
freebsd
phpmyadmin -- multiple vulnerabilities
2016-08-17 00:00:00
phpMyAdmin -- CSRF vulnerability in login form
2019-06-04 00:00:00
suse
suse
Security update for phpMyAdmin (important)
2016-08-29 11:09:35
prion
prion
Code injection
2016-12-11 03:00:00
Design/Logic Flaw
2016-12-11 02:59:00
Design/Logic Flaw
2016-12-11 02:59:00
debiancve
debiancve
CVE-2016-9864
2016-12-11 03:00:06
CVE-2016-6613
2016-12-11 02:59:19
CVE-2016-6626
2016-12-11 02:59:34
nvd
nvd
CVE-2016-9864
2016-12-11 03:00:06
CVE-2016-6613
2016-12-11 02:59:19
CVE-2016-6612
2016-12-11 02:59:18
phpmyadmin
phpmyadmin
Multiple SQL injection vulnerabilities
2016-11-25 00:00:00
Local file exposure
2016-07-12 00:00:00
Local file exposure through symlinks with UploadDir
2016-07-12 00:00:00
alpinelinux
alpinelinux
CVE-2016-9861
2016-12-11 03:00:01
CVE-2016-6611
2016-12-11 02:59:17
CVE-2016-6607
2016-12-11 02:59:11
cvelist
cvelist
CVE-2016-9864
2016-12-11 02:00:00
CVE-2016-6613
2016-12-11 02:00:00
CVE-2016-6628
2016-12-11 02:00:00
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2017-01-11 00:00:00
ubuntucve
ubuntucve
CVE-2016-6613
2016-12-11 00:00:00
CVE-2016-6631
2016-12-11 00:00:00
CVE-2016-9864
2016-12-11 00:00:00
cve
cve
CVE-2016-6613
2016-12-11 02:59:19
CVE-2016-9864
2016-12-11 03:00:06
CVE-2016-6611
2016-12-11 02:59:17
github
github
phpMyAdmin Local file exposure
2022-05-17 02:37:25
phpMyAdmin IPv6 and proxy server IP-based authentication rule circumvention
2022-05-17 02:37:25
phpMyAdmin Denial of service (DOS) attack with dbase extension
2022-05-17 02:37:10
zdt
zdt
phpMyAdmin 4.8 - Cross-Site Request Forgery Vulnerability
2019-06-11 00:00:00
veracode
veracode
Cross-Site Request Forgery (CSRF)
2019-06-05 11:43:53
checkpoint_advisories
checkpoint_advisories
phpMyAdmin Cross-Site Request Forgery (CVE-2019-12616)
2019-06-19 00:00:00
exploitpack
exploitpack
phpMyAdmin 4.8 - Cross-Site Request Forgery
2019-06-11 00:00:00
nuclei
nuclei
phpMyAdmin <4.9.0 - Cross-Site Request Forgery
2021-07-16 17:57:01
packetstorm
packetstorm
phpMyAdmin 4.8 Cross Site Request Forgery
2019-06-11 00:00:00
exploitdb
exploitdb
phpMyAdmin 4.8 - Cross-Site Request Forgery
2019-06-11 00:00:00

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.2%

JSON
Related for DEBIAN:DLA-1821-1:AF0F6
nessus12openvas11osv15debian2mageia1freebsd2suse1prion18debiancve17nvd19phpmyadmin17alpinelinux17cvelist17gentoo1ubuntucve17cve18github7zdt1veracode1checkpoint_advisories1exploitpack1nuclei1packetstorm1exploitdb1