Vulnerabilities > CVE-2006-5718 - Cross-Site Scripting vulnerability in PHPMyAdmin UTF-7 Encoding

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
phpmyadmin
nessus

Summary

Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 through 2.9.0.2 allows remote attackers to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a request with a utf7 charset parameter accompanied by UTF-7 data.

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_SA_2006_071.NASL
    descriptionThe remote host is missing the patch for the advisory SUSE-SA:2006:071 (phpMyAdmin). The phpMyAdmin package was upgraded to version 2.9.1.1. While we usually do not do version upgrades, fixing the occurring security problems of phpMyAdmin got too difficult so we decided to go with the current upstream version. This release includes fixes for the previously not fixed security problems tracked by the Mitre CVE IDs CVE-2006-3388, CVE-2006-5116, CVE-2006-5117, and CVE-2006-5718 and of course all other bugs fixed in 2.9.1.1.
    last seen2019-10-28
    modified2007-02-18
    plugin id24448
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24448
    titleSUSE-SA:2006:071: phpMyAdmin
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # This plugin text was extracted from SuSE Security Advisory SUSE-SA:2006:071
    #
    
    
    if ( ! defined_func("bn_random") ) exit(0);
    
    include("compat.inc");
    
    if(description)
    {
     script_id(24448);
     script_version ("1.9");
     
     name["english"] = "SUSE-SA:2006:071: phpMyAdmin";
     
     script_name(english:name["english"]);
     
     script_set_attribute(attribute:"synopsis", value:
    "The remote host is missing a vendor-supplied security patch" );
     script_set_attribute(attribute:"description", value:
    "The remote host is missing the patch for the advisory SUSE-SA:2006:071 (phpMyAdmin).
    
    
    The phpMyAdmin package was upgraded to version 2.9.1.1.
    
    While we usually do not do version upgrades, fixing the occurring
    security problems of phpMyAdmin got too difficult so we decided to
    go with the current upstream version.
    
    This release includes fixes for the previously not fixed security problems
    tracked by the Mitre CVE IDs CVE-2006-3388, CVE-2006-5116, CVE-2006-5117,
    and CVE-2006-5718 and of course all other bugs fixed in 2.9.1.1." );
     script_set_attribute(attribute:"solution", value:
    "http://www.novell.com/linux/security/advisories/2006_71_phpmyadmin.html" );
     script_set_attribute(attribute:"risk_factor", value:"High" );
    
    
    
     script_set_attribute(attribute:"plugin_publication_date", value: "2007/02/18");
     script_end_attributes();
    
     
     summary["english"] = "Check for the version of the phpMyAdmin package";
     script_summary(english:summary["english"]);
     
     script_category(ACT_GATHER_INFO);
     
     script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
     family["english"] = "SuSE Local Security Checks";
     script_family(english:family["english"]);
     
     script_dependencies("ssh_get_info.nasl");
     script_require_keys("Host/SuSE/rpm-list");
     exit(0);
    }
    
    include("rpm.inc");
    if ( rpm_check( reference:"phpMyAdmin-2.9.1.1-2.1", release:"SUSE10.0") )
    {
     security_hole(0);
     exit(0);
    }
    if ( rpm_check( reference:"phpMyAdmin-2.9.1.1-2.1", release:"SUSE9.3") )
    {
     security_hole(0);
     exit(0);
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_PHPMYADMIN-2300.NASL
    descriptionThis patch upgrades the phpMyAdmin package to version 2.9.1.1, including fixes for the security problems tracked by the Mitre CVE IDs CVE-2006-3388, CVE-2006-5116, CVE-2006-5117, and CVE-2006-5718.
    last seen2020-06-01
    modified2020-06-02
    plugin id27395
    published2007-10-17
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27395
    titleopenSUSE 10 Security Update : phpMyAdmin (phpMyAdmin-2300)