1
Candidate: CVE-2016-6630
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6630
5
http://www.phpmyadmin.net/security/PMASA-2016-53/
7
An issue was discovered in phpMyAdmin. An authenticated user can trigger a
8
denial-of-service (DoS) attack by entering a very long password at the
9
change password dialog. All 4.6.x versions (prior to 4.6.4), 4.4.x versions
10
(prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
15
Discovered-by: Emanuel Bronshtein
19
upstream: https://github.com/phpmyadmin/phpmyadmin/commit/0cbf747
20
upstream_phpmyadmin: released (4:4.6.4+dfsg1-1)
21
precise_phpmyadmin: ignored (reached end-of-life)
22
precise/esm_phpmyadmin: DNE (precise was needed)
23
trusty_phpmyadmin: needed
24
vivid/stable-phone-overlay_phpmyadmin: DNE
25
vivid/ubuntu-core_phpmyadmin: DNE
26
xenial_phpmyadmin: needed
27
yakkety_phpmyadmin: not-affected (4:4.6.4+dfsg1-1)
28
zesty_phpmyadmin: not-affected (4:4.6.4+dfsg1-1)
29
artful_phpmyadmin: not-affected (4:4.6.4+dfsg1-1)
30
bionic_phpmyadmin: not-affected (4:4.6.4+dfsg1-1)
31
devel_phpmyadmin: not-affected (4:4.6.4+dfsg1-1)