phpMyAdmin 3.3.x / 3.4.x < 3.3.10.4 / 3.4.4 Cross-site Scripting (PMASA-2011-13

This script is Copyright (C) 2011 Tenable Network Security, Inc.


Synopsis :

The remote web server contains a PHP application that is affected by
multiple cross-site scripting vulnerabilities.

Description :

The remote host contains a version of phpMyAdmin - 3.3.x less than
3.3.10.4 or 3.4.x less than 3.4.4 - that is affected by multiple
cross-site scripting vulnerabilities.

The data in the 'table', 'column', and 'index' variables of the script
'tbl_tracking.php' are not properly sanitized before being sent to the
browser.

These errors can allow an unauthenticated user to trick an
authenticated user into requesting a URL thereby injecting arbitrary
HTML or script code into the authenticated user's browser.

These errors can also allow an attacker who has access to the database
to create persistent strings of cross-site scripting code that will
inject arbitrary HTML or script code into an authenticated user's
browser at a later time.

See also :

http://www.phpmyadmin.net/home_page/security/PMASA-2011-13.php
http://fd.the-wildcat.de/pma_e36aa9e2e0.php

Solution :

Upgrade to phpMyAdmin version 3.3.10.4 / 3.4.4 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.6
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CGI abuses : XSS

Nessus Plugin ID: 55993 ()

Bugtraq ID: 49306

CVE ID: CVE-2011-3181