openSUSE Security Update : phpMyAdmin (openSUSE-2012-18)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

- update to 3.4.9

- bug #3442028 [edit] Inline editing enum fields with null
shows no dropdown

- bug #3442004 [interface] DB suggestion not correct for
user with underscore

- bug #3438420 [core] Magic quotes removed in PHP 5.4

- bug #3398788 [session] No feedback when result is empty
(signon auth_type)

- bug #3384035 [display] Problems regarding
ShowTooltipAliasTB

- bug #3306875 [edit] Can't rename a database that
contains views

- bug #3452506 [edit] Unable to move tables with triggers

- bug #3449659 [navi] Fast filter broken with table tree

- bug #3448485 [GUI] Firefox favicon frameset regression

- [core] Better compatibility with mysql extension

- [security] Self-XSS on export options (export
server/database/table), see PMASA-2011-20

- [security] Self-XSS in setup (host parameter), see
PMASA-2011-19

- fix for bnc#738411

- PMASA-2011-19 (CVE-2011-4780)

- PMASA-2011-20 (CVE-2011-4782)

- rework config patch

See also :

https://bugzilla.novell.com/show_bug.cgi?id=738411

Solution :

Update the affected phpMyAdmin package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Family: SuSE Local Security Checks

Nessus Plugin ID: 74585 ()

Bugtraq ID:

CVE ID: CVE-2011-4780
CVE-2011-4782

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now