Fedora 16 : phpMyAdmin-3.5.3-1.fc16 (2012-15725)

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

phpMyAdmin 3.5.3.0 (2012-10-08) ===============================

- [interface] Browse mode 'Show' button gives blank page
if no results anymore

- [interface] Copy Database Ajax feedback vanishes long
before copying is done

- [interface] GC-maxlifetime warning incorrectly
displayed

- [interface] Search fails with JS error when tooltips
disabled

- [interface] Event comments not saved

- [edit] Can't enter date directly when editing inline

- [interface] Inline query editor doesn't work from
search results

- [edit] BLOB download no longer works

- [config] Error in generated configuration arrray

- [GUI] Invalid HTML code in multi submits confirmation
form

- [interface] Designer sometimes places tables on the
top menu

- [core] Call to undefined function __() when config
file has wrong permissions

- [edit] Error searching table with many fields

- [edit] Cannot copy a DB with table and views

- [privileges] Incorrect updating of the list of users

- [edit] cell edit date field with empty date fills in
current date

- [edit] current_date from function drop down fails on
update

- [compatibility] add support for Solaris and FreeBSD
system load and memory display in server status

- [import] Table import from XML file fails

- [display] replace Highcharts with jqplot for Display
chart

- [edit] Pasting value doesn't clear null checkbox

- [edit] Datepicker for date and datetime fields is
broken

- [security] Unspecified minor security fix by upstream,
see PMASA-2012-6
(http://www.phpmyadmin.net/home_page/security/PMASA-20
12-6.php)

- [security] Unspecified minor security fix by upstream,
see PMASA-2012-7
(http://www.phpmyadmin.net/home_page/security/PMASA-20
12-7.php)

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php
http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php
http://www.nessus.org/u?f940b8da

Solution :

Update the affected phpMyAdmin package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 62726 ()

Bugtraq ID: 55925
55939

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now