SUSE-SA:2006:004: phpMyAdmin

This script is Copyright (C) 2006-2010 Tenable Network Security, Inc.

Synopsis :

The remote host is missing a vendor-supplied security patch

Description :

The remote host is missing the patch for the advisory SUSE-SA:2006:004 (phpMyAdmin).

Stefan Esser discovered a bug in in the register_globals emulation
of phpMyAdmin that allowes to overwrite variables. An attacker could
exploit the bug to ultimately execute code (CVE-2005-4079).
Additionally several cross-site-scripting bugs were discovered
(CVE-2005-3787, CVE-2005-3665).

We have released a version update to phpMyAdmin-2.7.0-pl2 which
addresses the issues mentioned above.

Solution :

Risk factor :


Family: SuSE Local Security Checks

Nessus Plugin ID: 20820 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now