phpMyAdmin CVE-2016-6629 Security Bypass Vulnerability
BID:92493
CVE-2016-6629 |Info
phpMyAdmin CVE-2016-6629 Security Bypass Vulnerability
| Bugtraq ID: | 92493 |
| Class: | Design Error |
| CVE: |
CVE-2016-6629 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 25 2016 12:00AM |
| Updated: | Oct 03 2016 03:02AM |
| Credit: | Emanuel Bronshtein |
| Vulnerable: |
Typo3 phpMyAdmin 5.1.6 Typo3 phpMyAdmin 5.1.5 Typo3 phpMyAdmin 5.1.4 Typo3 phpMyAdmin 4.11.9 Typo3 phpMyAdmin 4.11.8 Typo3 phpMyAdmin 4.11.5 Typo3 phpMyAdmin 4.11.4 Typo3 phpMyAdmin 4.11.2 Typo3 phpMyAdmin 4.11.1 Typo3 phpMyAdmin 4.11 Typo3 phpMyAdmin 4.10.3 Typo3 phpMyAdmin 4.9 Typo3 phpMyAdmin 4.8.1 Typo3 phpMyAdmin 4.5 Typo3 phpMyAdmin 4.3 Typo3 phpMyAdmin 4.2 Typo3 phpMyAdmin 4.1.1 Typo3 phpMyAdmin 4.1 Typo3 phpMyAdmin 3.4 Typo3 phpMyAdmin 3.3 Typo3 phpMyAdmin 3.2 Typo3 phpMyAdmin 3.0.1 Typo3 phpMyAdmin 3.0 Typo3 phpMyAdmin 0.2.2 phpMyAdmin phpMyAdmin 4.6.2 phpMyAdmin phpMyAdmin 4.6.1 phpMyAdmin phpMyAdmin 4.6 phpMyAdmin phpMyAdmin 4.4.15 phpMyAdmin phpMyAdmin 4.4.13 phpMyAdmin phpMyAdmin 4.4.12 phpMyAdmin phpMyAdmin 4.4.11 phpMyAdmin phpMyAdmin 4.4.10 phpMyAdmin phpMyAdmin 4.4.1 phpMyAdmin phpMyAdmin 4.4 phpMyAdmin phpMyAdmin 4.0.1 phpMyAdmin phpMyAdmin 4.0 phpMyAdmin phpMyAdmin 4.6.3 phpMyAdmin phpMyAdmin 4.4.15.7 phpMyAdmin phpMyAdmin 4.4.15.6 phpMyAdmin phpMyAdmin 4.4.15.5 phpMyAdmin phpMyAdmin 4.4.15.4 phpMyAdmin phpMyAdmin 4.4.15.3 phpMyAdmin phpMyAdmin 4.4.15.2 phpMyAdmin phpMyAdmin 4.4.15.1 phpMyAdmin phpMyAdmin 4.4.14.1 phpMyAdmin phpMyAdmin 4.4.14 phpMyAdmin phpMyAdmin 4.4.13.1 phpMyAdmin phpMyAdmin 4.4.1.1 phpMyAdmin phpMyAdmin 4.0.10.9 phpMyAdmin phpMyAdmin 4.0.10.8 phpMyAdmin phpMyAdmin 4.0.10.7 phpMyAdmin phpMyAdmin 4.0.10.6 phpMyAdmin phpMyAdmin 4.0.10.5 phpMyAdmin phpMyAdmin 4.0.10.4 phpMyAdmin phpMyAdmin 4.0.10.3 phpMyAdmin phpMyAdmin 4.0.10.2 phpMyAdmin phpMyAdmin 4.0.10.16 phpMyAdmin phpMyAdmin 4.0.10.15 phpMyAdmin phpMyAdmin 4.0.10.14 phpMyAdmin phpMyAdmin 4.0.10.13 phpMyAdmin phpMyAdmin 4.0.10.12 phpMyAdmin phpMyAdmin 4.0.10.11 phpMyAdmin phpMyAdmin 4.0.10.10 phpMyAdmin phpMyAdmin 4.0.10.1 phpMyAdmin phpMyAdmin 4.0.10 |
| Not Vulnerable: |
Typo3 phpMyAdmin 5.1.7 phpMyAdmin phpMyAdmin 4.6.4 phpMyAdmin phpMyAdmin 4.4.15.8 phpMyAdmin phpMyAdmin 4.0.10.17 |
Discussion
phpMyAdmin CVE-2016-6629 Security Bypass Vulnerability
phpMyAdmin is prone to a security bypass vulnerability.
An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks.
phpMyAdmin is prone to a security bypass vulnerability.
An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks.
Exploit / POC
phpMyAdmin CVE-2016-6629 Security Bypass Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
phpMyAdmin CVE-2016-6629 Security Bypass Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
phpMyAdmin CVE-2016-6629 Security Bypass Vulnerability
References:
References:
- phpMyAdmin Homepage (phpMyAdmin)
- TYPO3-EXT-SA-2016-025: Multiple vulnerabilities in extension 'phpMyAdmin' (phpmy (TYPO3)
- PMASA-2016-52: ArbitraryServerRegexp bypass (phpmyadmin)