Fedora 23 update for phpMyAdmin
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2016-5097 CVE-2016-5098 CVE-2016-5099 |
| CWE-ID | CWE-200 CWE-22 CWE-79 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Fedora Operating systems & Components / Operating system phpMyAdmin Operating systems & Components / Operating system package or component |
| Vendor | Fedoraproject |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU40213
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2016-5097
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 23
phpMyAdmin: before 4.6.2-1.fc23
CPE2.3- cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:phpmyadmin:*:*:*:*:*:fedora:*:*
https://bodhi.fedoraproject.org/updates/FEDORA-2016-55261b6815
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Path traversal
EUVDB-ID: #VU40212
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2016-5098
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in libraries/error_report.lib.php in phpMyAdmin before 4.6.2-prerelease. A remote authenticated attacker can send a specially crafted HTTP request and remote attackers to determine the existence of arbitrary files by triggering an error. Per <a href="https://www.phpmyadmin.net/security/PMASA-2016-15/">Vendor Advisory</a>: "No released version was vulnerable.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 23
phpMyAdmin: before 4.6.2-1.fc23
CPE2.3- cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:phpmyadmin:*:*:*:*:*:fedora:*:*
https://bodhi.fedoraproject.org/updates/FEDORA-2016-55261b6815
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Cross-site scripting
EUVDB-ID: #VU40211
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-5099
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionVulnerability allows a remote attacker to perform Cross-site scripting attacks.
An input validation error exists in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 23
phpMyAdmin: before 4.6.2-1.fc23
CPE2.3- cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:phpmyadmin:*:*:*:*:*:fedora:*:*
https://bodhi.fedoraproject.org/updates/FEDORA-2016-55261b6815
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
