• PHP
  • Ruby on Rails
  • MySQL
  • Linux
    • SELINUX
    • Fedora
    • debian
  • Apache
  • nginx
  • AJAX
Albertech.net

PHPMyAdmin Security Update 1/22/2012

January 22, 2012 9:52 pm / Albertech.net

There is a PHPMyAdmin update today for Debian. It fixes XSS bug in the table tracking feature and an XML import plugin vulnerability.  The stable version of Debian (squeeze) and testing (wheezy) are affected.

Package        : phpmyadmin

Vulnerability  : several

Problem type   : remote

Debian-specific: no

CVE ID         : CVE-2011-1940 CVE-2011-3181 CVE-2011-4107

Debian Bug     : 656247

 

Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems:

 

CVE-2011-4107

 

The XML import plugin allowed a remote attacker to read arbitrary

files via XML data containing external entity references.

 

CVE-2011-1940, CVE-2011-3181

 

Cross site scripting was possible in the table tracking feature,

allowing a remote attacker to inject arbitrary web script or HTML

Share this:

  • Facebook
  • Google
  • Twitter
  • Print
  • Email
Posted in: debian / Tagged: phpmyadmin

Comments are closed.

Post Navigation

← Previous Post
Next Post →

Categories

  • AJAX
  • Android
  • Apache
  • Canon Cameras
  • Cloud
  • CMS
  • Computer Mods
  • Conferences
  • Deals
  • debian
  • Fedora
  • Flash
  • Frameworks
  • git
  • Hardware
  • HTML
  • IDE
  • iPhone
  • iPhone App Review
  • jQuery
  • Linux
  • Mac OS X
  • MySQL
  • nginx
  • PHP
  • portfolio
  • Puppet
  • Ruby on Rails
  • Script Reviews
  • SELINUX
  • Software
  • Software Review
  • SQL Server
  • statistics
  • Tech
  • Tomcat
  • Uncategorized
  • VMWARE
  • VPS
  • Windows
  • wordpress
  • Zend Framework

Blogroll

  • DragonAl Flickr
  • Dropbox – Free 2GB Account
  • James' Blog
  • Javascript Compressor
  • PHP Builder Community
  • PHP-Princess.net
  • Rubular – Regular Expression Validator
  • The Scale-Out Blog
  • Tiny MCE

Tags

activation AJAX android antec Apache AWS awstats canon coda codeigniter debian enclosure external free G1 install vmware tools Internet Explorer iphone 5 jquery Linux mx-1 MySQL office 2007 OSX photoshop PHP plugin plugins portfolio redesigned website review rewrite script security SELinux ssh tinymce tutorial upgrade VMWARE vmware server wordpress wordpress mu XSS zend framework
© Copyright 2013 Albertech.net
Infinity Theme by DesignCoral / WordPress
loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.