PhpMyAdmin Denial-of-Service Vulnerability -01 Dec14 Network Vulnerability

Summary

This host is installed with phpMyAdmin and is prone to denial-of-service vulnerability.

Impact

Successful exploitation will allow remote attackers to cause the affected application to crash, denying service to legitimate users. Impact Level: Application

Solution

Upgrade to phpMyAdmin 4.0.10.7 or 4.1.14.8 or 4.2.13.1 or later. For updates refer http://www.phpmyadmin.net

Insight

The flaw exists due to an error triggered during the handling of long passwords

Affected

phpMyAdmin versions 4.0.x prior to 4.0.10.7, 4.1.x prior to 4.1.14.8 and 4.2.x prior to 4.2.13.1

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://1337day.com/exploit/23007
http://osvdb.org/115322
http://secunia.com/advisories/60454
http://www.phpmyadmin.net/home_page/security/PMASA-2014-17.php
http://xforce.iss.net/xforce/xfdb/99140

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-9218

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Connect back to SOCKS4 server
AyeView GIF Image Handling Denial of Service Vulnerability
Apple Safari Denial of Service Vulnerability (Win) - Apr09
Asterisk Products Invalid SDP SIP Channel Driver DoS Vulnerability
Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Linux)

phpMyAdmin Denial-of-Service Vulnerability -01 Dec14

Take action and discover your vulnerabilities