Web application abuses : phpMyAdmin Bookmark Security Bypass Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.103076

Categoría: Web application abuses

Título: phpMyAdmin Bookmark Security Bypass Vulnerability

Resumen: phpMyAdmin is prone to a security bypass vulnerability that affects; bookmarks.

Descripción: Summary:
phpMyAdmin is prone to a security bypass vulnerability that affects
bookmarks.

Vulnerability Impact:
Successfully exploiting this issue allows a remote attacker to bypass
certain security restrictions and perform unauthorized actions.

Affected Software/OS:
Versions prior to phpMyAdmin 3.3.9.2 and 2.11.11.3 are vulnerable.

Solution:
Updates are available. Please see the references for details.

CVSS Score:
6.5

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-0986
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054349.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054355.html
http://www.mandriva.com/security/advisories?name=MDVSA-2011:026
http://secunia.com/advisories/43478
http://www.vupen.com/english/advisories/2011/0385
XForce ISS Database: phpmyadmin-readme-path-disclosure(65424)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65424
Common Vulnerability Exposure (CVE) ID: CVE-2011-0987
BugTraq ID: 46359
http://www.securityfocus.com/bid/46359
Debian Security Information: DSA-2167 (Google Search)
http://www.debian.org/security/2011/dsa-2167
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054525.html
http://secunia.com/advisories/43324
http://secunia.com/advisories/43391
http://www.vupen.com/english/advisories/2011/0381
http://www.vupen.com/english/advisories/2011/0409
http://www.vupen.com/english/advisories/2011/0512
http://www.vupen.com/english/advisories/2011/0570
XForce ISS Database: phpmyadmin-bookmark-security-bypass(65390)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65390

Copyright Copyright (C) 2011 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.103076
Categoría:	Web application abuses
Título:	phpMyAdmin Bookmark Security Bypass Vulnerability
Resumen:	phpMyAdmin is prone to a security bypass vulnerability that affects; bookmarks.
Descripción:	Summary: phpMyAdmin is prone to a security bypass vulnerability that affects bookmarks. Vulnerability Impact: Successfully exploiting this issue allows a remote attacker to bypass certain security restrictions and perform unauthorized actions. Affected Software/OS: Versions prior to phpMyAdmin 3.3.9.2 and 2.11.11.3 are vulnerable. Solution: Updates are available. Please see the references for details. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0986 http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054349.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054355.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:026 http://secunia.com/advisories/43478 http://www.vupen.com/english/advisories/2011/0385 XForce ISS Database: phpmyadmin-readme-path-disclosure(65424) https://exchange.xforce.ibmcloud.com/vulnerabilities/65424 Common Vulnerability Exposure (CVE) ID: CVE-2011-0987 BugTraq ID: 46359 http://www.securityfocus.com/bid/46359 Debian Security Information: DSA-2167 (Google Search) http://www.debian.org/security/2011/dsa-2167 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054525.html http://secunia.com/advisories/43324 http://secunia.com/advisories/43391 http://www.vupen.com/english/advisories/2011/0381 http://www.vupen.com/english/advisories/2011/0409 http://www.vupen.com/english/advisories/2011/0512 http://www.vupen.com/english/advisories/2011/0570 XForce ISS Database: phpmyadmin-bookmark-security-bypass(65390) https://exchange.xforce.ibmcloud.com/vulnerabilities/65390
Copyright	Copyright (C) 2011 Greenbone AG