Detections
Analytics

FreeBSD : phpMyAdmin -- multiple vulnerabilities (ed10ed3f-fddc-11e8-94cf-6805ca0b3d42)

high Nessus Plugin ID 119637

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The phpMyAdmin development team reports : Summary Local file inclusion through transformation feature Description A flaw has been found where an attacker can exploit phpMyAdmin to leak the contents of a local file. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access. An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system. Severity We consider this vulnerability to be severe. Summary XSRF/CSRF vulnerability in phpMyAdmin Description By deceiving a user to click on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users, updating user passwords, killing SQL processes, etc. Severity We consider this vulnerability to be of moderate severity. Summary XSS vulnerability in navigation tree Description A Cross-Site Scripting vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a specially crafted database/table name. Severity We consider this attack to be of moderate severity. Mitigation factor The stored XSS vulnerabilities can be triggered only by someone who logged in to phpMyAdmin, as the usual token protection prevents non-logged-in users from accessing the required forms.

Solution

Update the affected packages.

See Also

https://www.phpmyadmin.net/security/PMASA-2018-6/

https://www.phpmyadmin.net/security/PMASA-2018-7/

https://www.phpmyadmin.net/security/PMASA-2018-8/

http://www.nessus.org/u?e5a55a51

Plugin Details

Severity: High

ID: 119637

File Name: freebsd_pkg_ed10ed3ffddc11e894cf6805ca0b3d42.nasl

Version: 1.1

Type: local

Published: 12/13/2018

Updated: 12/13/2018

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:phpmyadmin, p-cpe:/a:freebsd:freebsd:phpmyadmin-php56, p-cpe:/a:freebsd:freebsd:phpmyadmin-php70, p-cpe:/a:freebsd:freebsd:phpmyadmin-php71, p-cpe:/a:freebsd:freebsd:phpmyadmin-php72, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 12/12/2018

Vulnerability Publication Date: 12/11/2018