Fedora 9 : phpMyAdmin-3.0.1.1-1.fc9 (2008-9316)

This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

This update by upstream to phpMyAdmin 3.0.1.1 solves CVE-2008-4775, a
XSS issue in pmd_pdf.php via db parameter when register_globals is
enabled. - [GUI] SQL error after sorting a subset - [lang] Catalan
update - [lang] Russian update

- [import] Temporary uploaded file not deleted - [auth]
Cannot create database after session timeout - [core]
ForceSSL generates incorrectly escaped redirections
(this time with the correct fix) - [lang] Hungarian
update - [core] Properly truncate SQL to avoid half of
html tags - [lang] Romanian update - [structure]
Incorrect index choice shown when modifying an index -
[interface] Misleading message after cancelling an
action - [lang] Croatian update - [lang] Finnish update
- [lang] Polish update - [lang] Japanese update -
[privileges] Wrong message when changing password -
[core] Cannot disable PMA tables - [lang] Problems with
Italian language file - [interface] ShowChgPassword
setting not respected - [security] XSS in a Designer
component

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=468974
http://www.nessus.org/u?3ae0f8b7

Solution :

Update the affected phpMyAdmin package.

Risk factor :

Low / CVSS Base Score : 2.6
(CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N)

Family: Fedora Local Security Checks

Nessus Plugin ID: 34682 (fedora_2008-9316.nasl)

Bugtraq ID:

CVE ID: CVE-2008-4775

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now