Alpine: multiple phpmyadmin packages: security update to 4.6.3-r0 (deprecated)

critical Tenable Self-Hosted Container Security Plugin ID 400988

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- An issue was discovered in phpMyAdmin involving the $cfg['ArbitraryServerRegexp'] configuration directive.
An attacker could reuse certain cookie values in a way of bypassing the servers defined by
ArbitraryServerRegexp. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x
versions (prior to 4.0.10.17) are affected. (CVE-2016-6629)

- An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is
vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser
cookie file to decrypt the username and password. Furthermore, the same initialization vector (IV) is used
to hash the username and password stored in the phpMyAdmin cookie. If a user has the same password as
their username, an attacker who examines the browser cookie can see that they are the same - but the
attacker can not directly decode these values from the cookie as it is still hashed. All 4.6.x versions
(prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are
affected. (CVE-2016-6606)

- XSS issues were discovered in phpMyAdmin. This affects Zoom search (specially crafted column content can
be used to trigger an XSS attack); GIS editor (certain fields in the graphical GIS editor are not properly
escaped and can be used to trigger an XSS attack); Relation view; the following Transformations:
Formatted, Imagelink, JPEG: Upload, RegexValidation, JPEG inline, PNG inline, and transformation wrapper;
XML export; MediaWiki export; Designer; When the MySQL server is running with a specially-crafted log_bin
directive; Database tab; Replication feature; and Database search. All 4.6.x versions (prior to 4.6.4),
4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. (CVE-2016-6607)

- XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the "Remove
partitioning" functionality. Specially crafted database names can trigger the XSS attack. All 4.6.x
versions (prior to 4.6.4) are affected. (CVE-2016-6608)

- An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary
PHP commands through the array export feature. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior
to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. (CVE-2016-6609)

See Also

https://git.alpinelinux.org/aports/commit/?id=6c5c1e1eda5fc81d7179877e6aca7faac9cff94e

https://git.alpinelinux.org/aports/commit/?id=914a08808878dc44cd5d5fc735204fa2f448a86a

Plugin Details

Severity: Critical

ID: 400988

Version: Revision 1.22

Type: Local

Published: 8/16/2023

Updated: 1/17/2024

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 4.9

Percentile: 57.12

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2016-6629

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 9/23/2016

Vulnerability Publication Date: 7/7/2016

Reference Information

CVE: CVE-2016-6606, CVE-2016-6607, CVE-2016-6608, CVE-2016-6609, CVE-2016-6610, CVE-2016-6611, CVE-2016-6612, CVE-2016-6613, CVE-2016-6614, CVE-2016-6615, CVE-2016-6616, CVE-2016-6617, CVE-2016-6618, CVE-2016-6619, CVE-2016-6620, CVE-2016-6622, CVE-2016-6623, CVE-2016-6624, CVE-2016-6625, CVE-2016-6626, CVE-2016-6627, CVE-2016-6628, CVE-2016-6629, CVE-2016-6630, CVE-2016-6631, CVE-2016-6632, CVE-2016-6633

BID: 92489, 92490, 92491, 92492, 92493, 92494, 92496, 92497, 92500, 92501, 93257, 93258, 94112, 94113, 94114, 94115, 94117, 94118, 94366, 95041, 95042, 95044, 95047, 95048, 95049, 95052, 95055