Summary
The remote host is missing an update to phpMyAdmin announced via advisory FEDORA-2009-2984.
Solution
Apply the appropriate updates.
This update can be installed with the yum update program. Use su -c 'yum update phpMyAdmin' at the command line.
For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-2984
Insight
Update Information:
Improvements for 3.1.3.1:
- [security] HTTP Response Splitting and file inclusion vulnerabilities - [security] XSS vulnerability on export page
- [security] Insufficient output sanitizing when generating configuration file
ChangeLog:
* Wed Mar 25 2009 Robert Scheck 3.1.3.1-1
- Upstream released 3.1.3.1 (#492066)
* Sun Mar 1 2009 Robert Scheck 3.1.3-1
- Upstream released 3.1.3
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-1148, CVE-2009-1149, CVE-2009-1150, CVE-2009-1151 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities