SB2016052611 - Fedora 23 update for phpMyAdmin
Published: May 26, 2016 Updated: April 24, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Information disclosure (CVE-ID: CVE-2016-5097)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs.
2) Path traversal (CVE-ID: CVE-2016-5098)
The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in libraries/error_report.lib.php in phpMyAdmin before 4.6.2-prerelease. A remote authenticated attacker can send a specially crafted HTTP request and remote attackers to determine the existence of arbitrary files by triggering an error. Per <a href="https://www.phpmyadmin.net/security/PMASA-2016-15/">Vendor Advisory</a>: "No released version was vulnerable.
3) Cross-site scripting (CVE-ID: CVE-2016-5099)
Vulnerability allows a remote attacker to perform Cross-site scripting attacks.
An input validation error exists in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
Remediation
Install update from vendor's website.