FreeBSD Ports: Phpmyadmin Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://secunia.com/advisories/29944/ http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-3 http://www.vuxml.org/freebsd/fe971a0f-1246-11dd-bab7-0016179b2dd5.html

Insight

The following package is affected: phpmyadmin CVE-2008-1924 Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows attackers with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.

Severity

Classification

CVE CVE-2008-1924

CVSS	Base Score: 3.5 AV:N/AC:M/Au:S/C:P/I:N/A:N

Related Vulnerabilities

FreeBSD Ports: moinmoin
FreeBSD Ports: opera, opera-devel, linux-opera
FreeBSD Ports: cscope
FreeBSD Ports: php4, php4-cgi
FreeBSD Ports: ja-groff

FreeBSD Ports: phpmyadmin

Take action and discover your vulnerabilities