remote code execution in phpMyAdmin

2005-11-1813:36:23

lists.opensuse.org

EPSS

0.26

Percentile

96.8%

JSON

The MySQL configuration frontend phpMyAdmin was updated to fix the following security problems which can be remotely exploited: - Multiple cross-site scripting (XSS) bugs (CVE-2005-3301, CVE-2005-2869, PMASA-2005-5). - Multiple file inclusion vulnerabilities that allowed an attacker to include arbitrary files (CVE-2005-3300, CVE-2005-3301, PMASA-2005-5).

Solution

There is no known workaround, please install the update packages.

OSVersionArchitecturePackageVersionFilename
openSUSE9.1noarchphpmyadmin< 2.5.6-34.11phpMyAdmin-2.5.6-34.11.noarch.rpm
openSUSE9.3noarchphpmyadmin< 2.6.1pl3-4.6phpMyAdmin-2.6.1pl3-4.6.noarch.rpm
openSUSE10.0noarchphpmyadmin< 2.6.3pl1-3.3phpMyAdmin-2.6.3pl1-3.3.noarch.rpm
openSUSE9.2noarchphpmyadmin< 2.6.0-4.11phpMyAdmin-2.6.0-4.11.noarch.rpm
openSUSE9.0noarchphpmyadmin< 2.5.3-41phpMyAdmin-2.5.3-41.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE	9.1	noarch	phpmyadmin	< 2.5.6-34.11	phpMyAdmin-2.5.6-34.11.noarch.rpm
openSUSE	9.3	noarch	phpmyadmin	< 2.6.1pl3-4.6	phpMyAdmin-2.6.1pl3-4.6.noarch.rpm
openSUSE	10.0	noarch	phpmyadmin	< 2.6.3pl1-3.3	phpMyAdmin-2.6.3pl1-3.3.noarch.rpm
openSUSE	9.2	noarch	phpmyadmin	< 2.6.0-4.11	phpMyAdmin-2.6.0-4.11.noarch.rpm
openSUSE	9.0	noarch	phpmyadmin	< 2.5.3-41	phpMyAdmin-2.5.3-41.noarch.rpm

EPSS

0.26

Percentile

96.8%

JSON

Related for SUSE-SA:2005:066