Vulnerabilities > CVE-2006-2418 - Cross-Site Scripting vulnerability in PHPmyadmin 2.8.0.3
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts. Some releases of phpMyAdmin before 2.8.0.4 are affected (2.6.2 tested vulnerable). This vulnerability is addressed in the following product release: phpMyAdmin, phpMyAdmin, 2.8.0.4
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_PHPMYADMIN-1581.NASL description Missing checks of the last seen 2020-06-01 modified 2020-06-02 plugin id 27393 published 2007-10-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/27393 title openSUSE 10 Security Update : phpMyAdmin (phpMyAdmin-1581) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update phpMyAdmin-1581. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(27393); script_version ("1.12"); script_cvs_date("Date: 2019/10/25 13:36:28"); script_cve_id("CVE-2006-2417", "CVE-2006-2418"); script_name(english:"openSUSE 10 Security Update : phpMyAdmin (phpMyAdmin-1581)"); script_summary(english:"Check for the phpMyAdmin-1581 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Missing checks of the 'db' and 'theme' parameters could be exploited for cross site scripting attacks (CVE-2006-2417, CVE-2006-2418)." ); script_set_attribute( attribute:"solution", value:"Update the affected phpMyAdmin package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:phpMyAdmin"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.1"); script_set_attribute(attribute:"patch_publication_date", value:"2006/06/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE10\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if ( rpm_check(release:"SUSE10.1", reference:"phpMyAdmin-2.8.0.3-10.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "phpMyAdmin"); }NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1207.NASL description The phpmyadmin update in DSA 1207 introduced a regression. This update corrects this flaw. For completeness, please find below the original advisory text : Several remote vulnerabilities have been discovered in phpMyAdmin, a program to administrate MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-3621 CRLF injection vulnerability allows remote attackers to conduct HTTP response splitting attacks. - CVE-2005-3665 Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP_HOST variable and (2) various scripts in the libraries directory that handle header generation. - CVE-2006-1678 Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML via scripts in the themes directory. - CVE-2006-2418 A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the db parameter of footer.inc.php. - CVE-2006-5116 A remote attacker could overwrite internal variables through the _FILES global variable. last seen 2020-06-01 modified 2020-06-02 plugin id 23656 published 2006-11-20 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/23656 title Debian DSA-1207-2 : phpmyadmin - several vulnerabilities
References
- http://lists.suse.com/archive/suse-security-announce/2006-Jun/0003.html
- http://secunia.com/advisories/20113
- http://secunia.com/advisories/20627
- http://secunia.com/advisories/22781
- http://www.debian.org/security/2006/dsa-1207
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2
- http://www.securityfocus.com/bid/17973
- http://www.vupen.com/english/advisories/2006/1794
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26441