CVE-2015-2206

Related Files

Debian Security Advisory 3382-1

Posted Oct 29, 2015

Authored by Debian | Site debian.org

Debian Linux Security Advisory 3382-1 - Several issues have been fixed in phpMyAdmin, the web administration tool for MySQL.

tags | advisory, web

systems | linux, debian

advisories | CVE-2014-8958, CVE-2014-9218, CVE-2015-2206, CVE-2015-3902, CVE-2015-3903, CVE-2015-6830, CVE-2015-7873

SHA-256 | a93f6314c208ca69323c9cf6014b4a03fe8867726f8c572dd496581e32bcf7e7

Download | Favorite | View

Mandriva Linux Security Advisory 2015-186

Posted Apr 1, 2015

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-186 - libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests. This upgrade provides the latest phpmyadmin version to address this vulnerability. Additionally, the phpseclib package has been upgraded to the 0.3.10 version.

tags | advisory, remote, web, php

systems | linux, mandriva

advisories | CVE-2015-2206

SHA-256 | cb476e4dc5b3151a3746cb21a1fb8feb234d1026555f5fc162763d2baa1a81e9

Download | Favorite | View