openSUSE Security Update : phpMyAdmin (openSUSE-SU-2013:1065-1)

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update of phpMyAdmin fixes several security issues.

- update to (2013-04-24)

- [security] Remote code execution (preg_replace),
reported by Janek Vind (see PMASA-2013-2)

- [security] Locally Saved SQL Dump File Multiple File
Extension Remote Code Execution, reported by Janek Vind
(see PMASA-2013-3)

- fix for bnc#824301

- PMASA-2013-2 (CVE-2013-3238)

- fix for bnc#824302

- PMASA-2013-3 (CVE-2013-3239)

- update to 3.5.8 (2013-04-08)

- sf#3828 MariaDB reported as MySQL

- sf#3854 Incorrect header for Safari 6.0

- sf#3705 Attempt to open trigger for edit gives NULL


- [security] Self-XSS on GIS visualisation page, reported
by Janek Vind see PMASA-2013-1

- sf#3800 Incorrect keyhandler behaviour #2

- fix for bnc#814678

- PMASA-2013-1 (CVE-2013-1937)

See also :

Solution :

Update the affected phpMyAdmin package.

Risk factor :

Medium / CVSS Base Score : 6.0
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 75055 ()

Bugtraq ID:

CVE ID: CVE-2013-1937

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now