phpMyAdmin < 2.6.1-pl1 RCE

high Nessus Network Monitor Plugin ID 2452

Synopsis

The remote host is vulnerable to an flaw that allows attackers to execute arbitrary commands.

Description

The remote host is running phpMyAdmin, an open-source software written in PHP to handle the administration of MySQL over the Web.
The remote version of this software is vulnerable to arbitrary command execution due to a lack of user-supplied data sanitization.
In addition, the remote host is vulnerable to multiple remote Cross-Site Scripting (XSS) flaws. An attacker exploiting these flaws would need to be able to convince a user into clicking on a malicious URL. Upon successful exploitation, the attacker would be able to steal credentials or execute code within the browser.
Thirdly, the remote host is vulnerable to a flaw in the way that it handles user-supplied variables that are used within included files. An attacker exploiting this flaw would pass malicious data to the server that the server would then include within the executing script code. A successful exploit would result in the attacker being able to execute arbitrary code on the server.

Solution

Upgrade to phpMyAdmin 2.6.1-pl1 or higher.

Plugin Details

Severity: High

ID: 2452

Family: CGI

Published: 12/13/2004

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:phpmyadmin:phpmyadmin

Reference Information

CVE: CVE-2004-1148, CVE-2005-0543, CVE-2005-0567

BID: 11886, 12644, 12645

Detections

Analytics