Detections
Analytics

Fedora 30 : phpMyAdmin (2020-cb89758335)

high Nessus Plugin ID 133017

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

**Version 4.9.4** (2020-01-07)

 - issue #15724 Fix 2FA was disabled by a bug

 - issue [security] Fix SQL injection vulnerability on the user accounts page (PMASA-2020-1)

----

**Version 4.9.3** (2019-12-26)

 - issue #15570 Fix page contents go underneath of floating menubar in some cases

 - issue #15591 Fix php notice 'Undefined index:
 foreign_keys_data' on relations view when the user has column access

 - issue #15592 Fix php warning 'error_reporting() has been disabled for security reasons'

 - issue #15434 Fix middle click on table sort column name shows a blank page

 - issue Fix php notice 'Undefined index table_create_time' when setting displayed columns on results of a view

 - issue #15571 Fix fatal error when trying to edit row with row checked and button under the table

 - issue #15633 Fix designer set display field broken for php 5.x versions

 - issue #15621 Support CloudFront-Forwarded-Proto header for Amazon CloudFront proxy

 - issue Fix php 8.0 php notices - Undefined index on login page

 - issue #15640 Fix php 7.4 error when trying to access array offset on value of type null on table browse

 - issue #15641 Fix replication actions where broken (start slave, stop slave, reset, ...)

 - issue #15608 Fix DisableIS is broken when with controluser configured (database list broken)

 - issue #15614 Fix undefined offset on index page for MySQL 5.7.8 (server charset)

 - issue #15692 Fix JavaScript error when user has not enough privilege to view query statistics.

 - issue #14248 Fixed date selection in search menu missing higher Z-index value

 - issue Fix Uncaught php TypeError on php 8.0 when adding a column to table create form

 - issue #15682 Fix calendar not taking current time as default value

 - issue #15636 Fix php error trying to access array offset on value o type null on replication GUI

 - issue #15695 Fix input field for the time in datetime picker is disabled

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected phpMyAdmin package.

See Also

https://bodhi.fedoraproject.org/updates/FEDORA-2020-cb89758335

Plugin Details

Severity: High

ID: 133017

File Name: fedora_2020-cb89758335.nasl

Version: 1.1

Type: local

Agent: unix

Published: 1/17/2020

Updated: 1/17/2020

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:phpmyadmin, cpe:/o:fedoraproject:fedora:30

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 1/16/2020

Vulnerability Publication Date: 1/16/2020

Reference Information