SB2016101835 - Input validation error in phpmyadmin (Alpine package)

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2016101835

SB2016101835 - Input validation error in phpmyadmin (Alpine package)

Published: October 18, 2016

Security Bulletin ID SB2016101835
Severity
Medium
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 security vulnerability.


1) Input validation error (CVE-ID: CVE-2016-6630)

The vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.

An issue was discovered in phpMyAdmin. An authenticated user can trigger a denial-of-service (DoS) attack by entering a very long password at the change password dialog. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.


Remediation

Install update from vendor's website.

References