Lucene search
This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-2286.NASLHistoryJul 28, 2011 - 12:00 a.m.
Debian DSA-2286-1 : phpmyadmin - several vulnerabilities
2011-07-2800:00:00
This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
27
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.22
Percentile
96.5%
Several vulnerabilities were discovered in phpMyAdmin, a tool to administrate MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems :
-
CVE-2011-2505 Possible session manipulation in Swekey authentication.
-
CVE-2011-2506 Possible code injection in setup script, in case session variables are compromised.
-
CVE-2011-2507 Regular expression quoting issue in Synchronize code.
-
CVE-2011-2508 Possible directory traversal in MIME-type transformation.
-
CVE-2011-2642 Cross site scripting in table Print view when the attacker can create crafted table names.
-
No CVE name yet
Possible superglobal and local variables manipulation in Swekey authentication. (PMASA-2011-12)
The oldstable distribution (lenny) is only affected by CVE-2011-2642, which has been fixed in version 2.11.8.1-5+lenny9.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-2286. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(55708);
script_version("1.16");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507", "CVE-2011-2508", "CVE-2011-2642");
script_bugtraq_id(48563, 48874);
script_xref(name:"DSA", value:"2286");
script_name(english:"Debian DSA-2286-1 : phpmyadmin - several vulnerabilities");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Several vulnerabilities were discovered in phpMyAdmin, a tool to
administrate MySQL over the web. The Common Vulnerabilities and
Exposures project identifies the following problems :
- CVE-2011-2505
Possible session manipulation in Swekey authentication.
- CVE-2011-2506
Possible code injection in setup script, in case session
variables are compromised.
- CVE-2011-2507
Regular expression quoting issue in Synchronize code.
- CVE-2011-2508
Possible directory traversal in MIME-type
transformation.
- CVE-2011-2642
Cross site scripting in table Print view when the
attacker can create crafted table names.
- No CVE name yet
Possible superglobal and local variables manipulation in
Swekey authentication. (PMASA-2011-12)
The oldstable distribution (lenny) is only affected by CVE-2011-2642,
which has been fixed in version 2.11.8.1-5+lenny9."
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2011-2505"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2011-2506"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2011-2507"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2011-2508"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2011-2642"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2011-2642"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/squeeze/phpmyadmin"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2011/dsa-2286"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the phpmyadmin packages.
For the stable distribution (squeeze), these problems have been fixed
in version 3.3.7-6."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"d2_elliot_name", value:"Phpmyadmin 3.x RCE");
script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:phpmyadmin");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
script_set_attribute(attribute:"vuln_publication_date", value:"2011/07/14");
script_set_attribute(attribute:"patch_publication_date", value:"2011/07/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2011/07/28");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"6.0", prefix:"phpmyadmin", reference:"3.3.7-6")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2505
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2506
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2507
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2508
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2642
packages.debian.org/source/squeeze/phpmyadmin
security-tracker.debian.org/tracker/CVE-2011-2505
security-tracker.debian.org/tracker/CVE-2011-2506
security-tracker.debian.org/tracker/CVE-2011-2507
security-tracker.debian.org/tracker/CVE-2011-2508
security-tracker.debian.org/tracker/CVE-2011-2642
www.debian.org/security/2011/dsa-2286
Related
securityvulns
securityvulns
[SECURITY] [DSA 2286-1] phpmyadmin security update
2011-08-01 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2011-07-13 00:00:00
phpMyAdmin 3.x Multiple Remote Code Executions
2011-07-13 00:00:00
osv
osv
phpymadmin - several
2011-07-26 00:00:00
phpMyAdmin vulnerable to static code injection
2022-05-14 02:55:16
phpMyAdmin remote variable manipulation
2022-05-14 02:55:16
debian
debian
[SECURITY] [DSA 2286-1] phpmyadmin security update
2011-07-26 19:11:55
openvas
openvas
FreeBSD Ports: phpmyadmin
2011-08-03 00:00:00
Fedora Update for phpMyAdmin FEDORA-2011-9144
2011-07-18 00:00:00
phpMyAdmin < 3.3.10.2, 3.4.x < 3.4.3.1 Multiple Remote Vulnerabilities
2011-07-11 00:00:00
nessus
nessus
packetstorm
packetstorm
phpMyAdmin 3.x Remote Code Execution
2011-07-08 00:00:00
phpMyAdmin3 Remote Code Execution
2011-07-09 00:00:00
phpMyAdmin 3.x Swekey Remote Code Injection
2011-07-09 00:00:00
seebug
seebug
phpMyAdmin 3.x Multiple Remote Code Executions
2011-07-09 00:00:00
phpMyAdmin 3.x 多个安全漏洞
2011-07-07 00:00:00
phpMyAdmin3 (pma3) Remote Code Execution Exploit
2011-07-10 00:00:00
freebsd
freebsd
phpmyadmin -- multiple vulnerabilities
2011-07-02 00:00:00
phpmyadmin -- multiple vulnerabilities
2011-07-23 00:00:00
dsquare
dsquare
Phpmyadmin 3.x RCE
2012-01-26 00:00:00
exploitpack
exploitpack
phpMyAdmin3 (pma3) - Remote Code Execution
2011-07-08 00:00:00
phpMyAdmin 3.x - Swekey Remote Code Injection
2011-07-09 00:00:00
exploitdb
exploitdb
phpMyAdmin 3.x - Swekey Remote Code Injection
2011-07-09 00:00:00
phpMyAdmin3 (pma3) - Remote Code Execution
2011-07-08 00:00:00
zdt
zdt
phpMyAdmin 3.x Swekey Remote Code Injection Exploit
2011-07-09 00:00:00
checkpoint_advisories
checkpoint_advisories
PhpMyAdmin Sweky Remote Code Injection Exploit (CVE-2011-2506)
2013-10-20 00:00:00
PhpMyAdmin Remote Variable Manipulation (CVE-2011-2505)
2013-10-20 00:00:00
phpmyadmin
phpmyadmin
Possible directory traversal.
2011-07-02 00:00:00
Possible code injection in setup script in case session variables are compromised.
2011-07-02 00:00:00
XSS in table Print view.
2011-07-23 00:00:00
ubuntucve
ubuntucve
nvd
nvd
cve
cve
debiancve
debiancve
prion
prion
Code injection
2011-07-14 23:55:00
Code injection
2011-07-14 23:55:00
Directory traversal
2011-07-14 23:55:00
github
github
phpMyAdmin remote variable manipulation
2022-05-14 02:55:16
phpMyAdmin vulnerable to static code injection
2022-05-14 02:55:16
cvelist
cvelist
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2012-01-04 00:00:00
threatpost
threatpost
Call for Ban on Vulnerable PHP SuperGlobal Variables
2013-09-09 14:54:04
thn
thn
fedora
fedora
[SECURITY] Fedora 14 Update: phpMyAdmin-3.4.3.2-1.fc14
2011-08-05 03:49:58
[SECURITY] Fedora 15 Update: phpMyAdmin-3.4.3.2-1.fc15
2011-08-05 03:52:20
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.22
Percentile
96.5%
Related for DEBIAN_DSA-2286.NASL