Fedora 7 : phpMyAdmin-2.11.2.2-1.fc7 (2007-3666)

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

The login page (auth_type cookie) was vulnerable to XSS via the
convcharset parameter (PMASA-2007-8).

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=333661
https://bugzilla.redhat.com/show_bug.cgi?id=356291
https://bugzilla.redhat.com/show_bug.cgi?id=385881
https://bugzilla.redhat.com/show_bug.cgi?id=385891
https://bugzilla.redhat.com/show_bug.cgi?id=385921
https://bugzilla.redhat.com/show_bug.cgi?id=393771
http://www.nessus.org/u?f5b8cce8

Solution :

Update the affected phpMyAdmin package.

Risk factor :

Medium / CVSS Base Score : 6.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)

Family: Fedora Local Security Checks

Nessus Plugin ID: 28311 (fedora_2007-3666.nasl)

Bugtraq ID:

CVE ID: CVE-2007-5386
CVE-2007-5589
CVE-2007-5976
CVE-2007-5977

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now