FreeBSD : phpMyAdmin -- two XSS vulnerabilities due to unescaped db/table names (c4892644-f8c6-11e3-9f45-6805ca0b3d42)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

The phpMyAdmin development team reports :

Self-XSS due to unescaped HTML output in recent/favorite tables
navigation.

When marking a crafted database or table name as favorite or having it
in recent tables, it is possible to trigger an XSS.

This vulnerability can be triggered only by someone who has logged in to
phpMyAdmin, as the usual token protection prevents non-logged-in users
from accessing the required form.

Self-XSS due to unescaped HTML output in navigation items hiding
feature.

When hiding or unhiding a crafted table name in the navigation, it is
possible to trigger an XSS.

This vulnerability can be triggered only by someone who has logged in to
phpMyAdmin, as the usual token protection prevents non-logged-in users
from accessing the required form.
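Both advisories share one root cause: a database or table name, which any logged-in user with CREATE rights can choose, is concatenated into navigation HTML without escaping. The following PHP script is an added example written for this page, not phpMyAdmin code; the function names, the `sakila` database name, the list-item markup and the two payload strings are constructed for illustration. It renders one navigation entry the vulnerable way and the hardened way, for a payload aimed at element text and a second payload aimed at attribute context, and reports whether the payload survives into the output:

```php
<?php
// Added illustration, not code from phpMyAdmin or the PMASA advisories.
// All function names, markup and sample names are hypothetical.

// Constructed attacker-chosen table names. The first targets text
// content; the second breaks out of a double-quoted attribute.
const EVIL_TEXT_CONTEXT = '<img src=x onerror=alert(document.cookie)>';
const EVIL_ATTR_CONTEXT = '" onmouseover="alert(1)';

function esc(string $s): string
{
    // Escapes <, >, &, " and ' so the value is inert in text and in
    // single- or double-quoted attribute context. ENT_SUBSTITUTE stops
    // invalid UTF-8 from silently turning the whole string into "".
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Vulnerable pattern: the raw name is concatenated into markup. */
function renderNavItemVulnerable(string $db, string $table): string
{
    return '<li data-table="' . $table . '">'
         . '<a href="sql.php?db=' . $db . '&table=' . $table . '">'
         . $table . '</a></li>';
}

/** Hardened pattern: URL-encode for the query string, then HTML-escape
 *  every untrusted value at the point it enters the markup. */
function renderNavItemSafe(string $db, string $table): string
{
    $href = 'sql.php?' . http_build_query(['db' => $db, 'table' => $table]);
    return '<li data-table="' . esc($table) . '">'
         . '<a href="' . esc($href) . '">'
         . esc($table) . '</a></li>';
}

/** Crude check: does the rendered HTML still carry the payload verbatim? */
function payloadSurvives(string $html, string $payload): bool
{
    return strpos($html, $payload) !== false;
}

foreach ([EVIL_TEXT_CONTEXT, EVIL_ATTR_CONTEXT] as $name) {
    $vuln = renderNavItemVulnerable('sakila', $name);
    $safe = renderNavItemSafe('sakila', $name);
    printf("payload: %s\n", $name);
    printf("  vulnerable: %s\n  payload survives: %s\n",
        $vuln, payloadSurvives($vuln, $name) ? 'yes' : 'no');
    printf("  hardened:   %s\n  payload survives: %s\n\n",
        $safe, payloadSurvives($safe, $name) ? 'yes' : 'no');
}
```

Run it with `php` on the command line. The vulnerable renderer emits both payloads verbatim, so the browser executes them for whoever views the recent/favorite list or the hiding dialog; the hardened renderer turns them into inert text. The advisory's "self-XSS" label reflects that an authenticated session is needed to reach the form, but the crafted name is persisted server-side, so the escaping fix in the renderer, not the token check, is what removes the sink.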

See also :

http://www.phpmyadmin.net/home_page/security/PMASA-2014-2.php
http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php
http://www.nessus.org/u?5f5d9195

Solution :

Update the affected package.

Risk factor :

Low / CVSS Base Score : 3.5
(CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 76177

CVE ID: CVE-2014-4348, CVE-2014-4349
