phpMyAdmin 4.4.x < 188.8.131.52 / 4.5.x < 4.5.4 Multiple Vulnerabilities (PMASA-2016-6, PMASA-2016-7)
Low Nessus Plugin ID 88986
SynopsisThe remote web server hosts a PHP application that is affected by multiple vulnerabilities.
DescriptionAccording to its self-reported version number, the phpMyAdmin application hosted on the remote web server is 4.4.x prior to 184.108.40.206 or 4.5.x prior to 4.5.4. It is, therefore, affected by the following vulnerabilities :
- An information disclosure vulnerability exists in the AES.php and Rijndael.php scripts that allows a remote attacker, via a specially crafted request, to disclose the software's installation path. (CVE-2016-2042)
- A cross-site scripting vulnerability exists due to improper validation of user-supplied input to the normalization script when handling a crafted table name before returning it to users. An authenticated, remote attacker can exploit this, via specially crafted request, to execute arbitrary script code in a user's browser session. (CVE-2016-2043)
Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to phpMyAdmin version 220.127.116.11 / 4.5.4 or later.
Alternatively, apply the patch referenced in the vendor advisory.