openSUSE Security Update : phpMyAdmin (openSUSE-2012-135)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

- update to 3.4.10.1 (fix for bnc#747841)

- [security] XSS in replication setup, see PMASA-2012-1

- 3.4.10.0 (2012-02-14)

- bug #3460090 [interface] TextareaAutoSelect feature
broken

- patch #3375984 [export] PHP Array export might generate
invalid php code

- bug #3049209 [import] Import from ODS ignores cell that
is the same as cell be fore

- bug #3463933 [display] SELECT DISTINCT displays wrong
total records found

- patch #3458944 [operations] copy table data missing SET
SQL_MODE='NO_AUTO_VALUE_ON_ZERO'

- bug #3469254 [edit] Setting data to NULL and drop-downs

- bug #3477063 [edit] Missing set fields and values in
generated INSERT query

- bug #3460867 [libraries] license issue with TCPDF
(updated to 5.9.145), (fix for bnc#736698)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=736698
https://bugzilla.novell.com/show_bug.cgi?id=747841

Solution :

Update the affected phpMyAdmin package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Family: SuSE Local Security Checks

Nessus Plugin ID: 74557 ()

Bugtraq ID:

CVE ID: CVE-2012-1190

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now