ID de Prueba:	1.3.6.1.4.1.25623.1.0.806736
Categoría:	Web application abuses
Título:	phpMyAdmin Content spoofing vulnerability (Nov 2015) - Linux
Resumen:	phpMyAdmin is prone to content spoofing vulnerability.
Descripción:	Summary: phpMyAdmin is prone to content spoofing vulnerability. Vulnerability Insight: The flaw is due to insufficient sanitization user supplied input via 'url' parameter in url.php script. Vulnerability Impact: Successfully exploiting this issue may allow remote attackers to perform a content spoofing attack using the phpMyAdmin's redirection mechanism to external sites. Affected Software/OS: phpMyAdmin versions 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 on Linux Solution: Upgrade to phpMyAdmin 4.4.15.1 or 4.5.1 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-7873 BugTraq ID: 77299 http://www.securityfocus.com/bid/77299 Debian Security Information: DSA-3382 (Google Search) http://www.debian.org/security/2015/dsa-3382 http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169987.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171311.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171326.html http://www.securitytracker.com/id/1034013
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.