Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
| GEN:SID | 1:2228 |
| Message | WEB-PHP phpMyAdmin db_details_importdocsql.php access |
| Summary | This event is generated when an attempt is made to exploit a known vulnerability in phpMyAdmin. |
| Impact | Varies. Information disclosure, Cross site scripting, unauthorized access, directory traversal. |
| Detailed Information | Multiple versions of the PHP application phpMyAdmin suffer from many known vulnerabilities that can lead to information disclosure, cross site scripting attacks and unauthorized access to the application. |
| Affected Systems | phpMyAdmin 2.0, 2.0.1 to 2.0.5 phpMyAdmin 2.1, 2.1.1, 2.1.2 phpMyAdmin 2.2.2 to 2.2.6 phpMyAdmin 2.3.1, 2.3.2 phpMyAdmin 2.4.0, 2.5.0, 2.5.1 |
| Attack Scenarios | The attacker can utilize a directory traversal technique to disclose information in a sensitive system file, then use that information to propagate further attacks against the system. |
| Ease of Attack | Simple. No exploit software is required. |
| Corrective Action | Upgrade to the latest non-affected version of the software. |
| Additional References | |
| Rule References | bugtraq: 7962 bugtraq: 7965 nessus: 11761 |
--
DID:424421
--
http://www.aanval.com/