openSUSE Security Update : phpMyAdmin (openSUSE-2016-168)
Medium Nessus Plugin ID 88632
SynopsisThe remote openSUSE host is missing a security update.
DescriptionSecurity update to phpMyAdmin 126.96.36.199
The followinng vulnerabilities were fixed: (boo#964024)
- CVE-2016-2038: Multiple full path disclosure vulnerabilities
- CVE-2016-2039: Unsafe generation of XSRF/CSRF token
- CVE-2016-2040: Multiple XSS vulnerabilities
- CVE-2016-2041: Unsafe comparison of XSRF/CSRF token
- CVE-2016-2042: Multiple full path disclosure vulnerabilities
- CVE-2016-2043: XSS vulnerability in normalization page
SolutionUpdate the affected phpMyAdmin package.