phpMyAdmin 4.4.15.x < 4.4.15.9 / 4.6.x < 4.6.5 Multiple Information Disclosure

Medium Nessus Network Monitor Plugin ID 9856

Synopsis

The remote web server contains a version of phpMyAdmin that is affected by multiple information disclosure attack vectors.

Description

Versions of phpMyAdmin 4.4.15.x prior to 4.4.15.9, and 4.6.x prior to 4.6.5 are unpatched, and therefore affected by the following vulnerabilities :

- A flaw exists in 'libraries/VersionInformation.php' related to false values being passed to the 'json_decode()' method. This may allow an authenticated, remote attacker to disclose the software's installation path. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. (OSVDB 148475)
- A flaw exists related to export timeouts in the 'PMA_shutdownDuringExport()' function in 'libraries/export.lib.php'. This may allow an authenticated, remote attacker to disclose the software's installation path. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. (OSVDB 148476)

Solution

Upgrade to phpMyAdmin version 4.6.5 or later. If 4.6.x cannot be obtained, version 4.4.15.9 has also been patched for these vulnerabilities.

See Also

https://www.phpmyadmin.net/news/2016/12/5/phpmyadmin-4652-released

https://www.phpmyadmin.net/security/PMASA-2016-44

Plugin Details

Severity: Medium

ID: 9856

File Name: 9856.prm

Family: CGI

Published: 2017/01/09

Modified: 2017/01/09

Dependencies: 9102

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 5.3

Temporal Score: 5.1

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:phpmyadmin:phpmyadmin

Patch Publication Date: 2016/10/25

Vulnerability Publication Date: 2016/10/25

Reference Information

CVE: CVE-2016-9854, CVE-2016-9855

BID: 94527