Gentoo Security Advisory GLSA 200503-07 (phpMyAdmin) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200503-07.

Solution

All phpMyAdmin users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-db/phpmyadmin-2.6.1_p2-r1' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200503-07 http://bugs.gentoo.org/show_bug.cgi?id=83190 http://bugs.gentoo.org/show_bug.cgi?id=83792 http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-1 http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-2 http://sourceforge.net/tracker/index.php?func=detail&aid=1113788&group_id=23067&atid=377408

Insight

phpMyAdmin contains multiple vulnerabilities that could lead to command execution, XSS issues and bypass of security restrictions.

Severity

Classification

CVE CVE-2005-0543, CVE-2005-0544, CVE-2005-0653

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Gentoo Security Advisory GLSA 200501-45 (gallery)
Gentoo Security Advisory GLSA 200412-26 (ViewCVS)
Gentoo Security Advisory GLSA 200501-42 (VDR)
Gentoo Security Advisory GLSA 200411-23 (Ruby)
Gentoo Security Advisory GLSA 200409-06 (eGroupWare)

Take action and discover your vulnerabilities