FreeBSD : file disclosure in phpMyAdmin (cc0fb686-6550-11d8-80e3-0020ed76ef5a)

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Lack of proper input validation in phpMyAdmin may allow an attacker to
obtain the contents of any file on the target system that is readable
by the web server.

See also :

http://marc.info/?l=bugtraq&m=107582619125932&w=2
http://www.nessus.org/u?19d4c5bf
http://www.nessus.org/u?2f694228

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 37430 (freebsd_pkg_cc0fb686655011d880e30020ed76ef5a.nasl)

Bugtraq ID:

CVE ID: CVE-2004-0129

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now