1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
Candidate: CVE-2011-2505
PublicDate: 2011-07-14
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2505
Description:
libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication
feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns
values to arbitrary parameters referenced in the query string, which allows
remote attackers to modify the SESSION superglobal array via a crafted
request, related to a "remote variable manipulation vulnerability."
Ubuntu-Description:
Notes:
Bugs:
https://bugs.launchpad.net/ubuntu/+source/phpmyadmin/+bug/806788
Priority: medium
Discovered-by:
Assigned-to:
Patches_phpmyadmin:
upstream_phpmyadmin: released (4:3.4.3.1-1)
hardy_phpmyadmin: ignored (reached end-of-life)
lucid_phpmyadmin: ignored (reached end-of-life)
maverick_phpmyadmin: ignored (reached end-of-life)
natty_phpmyadmin: ignored (reached end-of-life)
oneiric_phpmyadmin: released (4:3.4.3.1-1)
precise_phpmyadmin: released (4:3.4.3.1-1)
quantal_phpmyadmin: released (4:3.4.3.1-1)
raring_phpmyadmin: released (4:3.4.3.1-1)
saucy_phpmyadmin: released (4:3.4.3.1-1)
devel_phpmyadmin: released (4:3.4.3.1-1)
|