Summary
This host is running phpMyAdmin and is prone to a URI redirection vulnerability.
Impact
Successful exploitation will allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks.
Impact Level: Application
Solution
Upgrade to phpMyAdmin version 3.4.1 or later.
For updates refer to http://www.phpmyadmin.net/home_page/downloads.php
Insight
The flaw is due to improper validation of user-supplied input to the 'url' parameter in url.php, which allows attackers to redirect a user to an arbitrary website.
Affected
phpMyAdmin version 3.4.0
References
Severity
Classification
- CVE: CVE-2011-1941
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability
- Apache Archiva Home Page Cross-Site Scripting vulnerability
- An Image Gallery Multiple Cross-Site Scripting Vulnerability
- APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability
- Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability