phpMyAdmin Multiple Path Disclosure Vulnerabilities (PMASA-2016-1, PMASA-2016-6, PMASA-2016-8)

Medium Nessus Plugin ID 90428

Synopsis

The remote web server hosts a PHP application that is affected by multiple path disclosure vulnerabilities.

Description

The phpMyAdmin application hosted on the remote web server is affected by multiple path disclosure vulnerabilities in multiple scripts. An unauthenticated, remote attacker can exploit these vulnerabilities, via a specially crafted request, to disclose the full path of the directory where phpMyAdmin is installed.

Note that phpMyAdmin is also reportedly affected by multiple cross-site scripting and cross-site request forgery vulnerabilities;
however, Nessus has not tested for these.

Solution

Upgrade to phpMyAdmin version 4.0.10.13 / 4.4.15.3 / 4.5.4 or later.
Alternatively, apply the patch referenced in the vendor advisory.

See Also

https://www.phpmyadmin.net/security/PMASA-2016-1/

https://www.phpmyadmin.net/security/PMASA-2016-6/

https://www.phpmyadmin.net/security/PMASA-2016-8/

Plugin Details

Severity: Medium

ID: 90428

File Name: phpmyadmin_pmasa_2016_path_disclosure.nasl

Version: 1.5

Type: remote

Family: CGI abuses

Published: 2016/04/12

Updated: 2019/11/20

Dependencies: 17219

Risk Information

Risk Factor: Medium

CVSS Score Source: CVE-2016-2044

CVSS v2.0

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

CVSS v3.0

Base Score: 5.3

Temporal Score: 4.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:phpmyadmin:phpmyadmin

Required KB Items: www/PHP, installed_sw/phpMyAdmin

Exploit Available: false

Exploit Ease: No exploit is required

Exploited by Nessus: true

Patch Publication Date: 2016/01/23

Vulnerability Publication Date: 2016/01/23

Reference Information

CVE: CVE-2016-2038, CVE-2016-2042, CVE-2016-2044

BID: 82075, 82097, 82104