This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
The phpMyAdmin development team reports :
The comparison of the XSRF/CSRF token parameter with the value saved
in the session is vulnerable to timing attacks. Moreover, the
comparison could be bypassed if the XSRF/CSRF token matches a
We consider this vulnerability to be serious.
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 5.0