drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Cross-Site Scripting in phpmyadmin
Name: |
Cross-Site Scripting in phpmyadmin |
|
ID: |
TLSA-2008-29 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux Appliance Server 3.0, Turbolinux Appliance Server 3.0 x64 Edition |
|
Datum: |
Sa, 19. Juli 2008, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2960 |
|
Applikationen: |
phpMyAdmin |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2008-29 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp --------------------------------------------------------------------------
Original released date: 18 Jul 2008 Last revised: 18 Jul 2008
Package: phpmyadmin
Summary: Cross-site scripting (XSS) vulnerability
More information: phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web.
Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving scripts in libraries/. (CVE-2008-2960)
Affected Products: - Turbolinux Appliance Server 3.0 x64 Edition - Turbolinux Appliance Server 3.0
<Turbolinux Appliance Server 3.0 x64 Edition>
Source Packages Size: MD5
phpmyadmin-2.11.7-1.src.rpm 3106306 67eb1e8ba275e08ad62d1ac6ff15401c
Binary Packages Size: MD5
phpmyadmin-2.11.7-1.noarch.rpm 4439307 65d2e8b1159f610b75281efad67ead19
<Turbolinux Appliance Server 3.0>
Source Packages Size: MD5
phpmyadmin-2.11.7-1.src.rpm 3106306 67eb1e8ba275e08ad62d1ac6ff15401c
Binary Packages Size: MD5
phpmyadmin-2.11.7-1.noarch.rpm 4440156 3d75beb7b61062e851e718ee85c1f2e9
References:
CVE [CVE-2008-2960] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2960
-------------------------------------------------------------------------- Revision History 18 Jul 2008 Initial release --------------------------------------------------------------------------
Copyright(C) 2008 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkiAaegACgkQK0LzjOqIJMz73gCfapF8XVcPRvNjaBolRgo8GPjF rqsAn1ab8NAVkJCTXNpnXZ2GioES6Re6 =WvsK -----END PGP SIGNATURE-----
|
|
|
|