---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: Debian update for phpmyadmin SECUNIA ADVISORY ID: SA22781 VERIFY ADVISORY: http://secunia.com/advisories/22781/ CRITICAL: Less critical IMPACT: Hijacking, Cross Site Scripting, Exposure of system information WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux 3.1 http://secunia.com/product/5307/ Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ DESCRIPTION: Debian has issued an update for phpmyadmin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, HTTP response splitting attacks, and cross-site forgery request attacks. For more information: SA17578 SA17895 SA19556 SA20113 SA22126 SOLUTION: Apply updated packages. -- Debian GNU/Linux alias sarge -- Source archives: http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge2.dsc Size/MD5 checksum: 604 b650978a6bf3102a49350166d186335e http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge2.diff.gz Size/MD5 checksum: 37905 1d1a6528059d2e0420670e557935967b http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2.orig.tar.gz Size/MD5 checksum: 2654418 05e33121984824c43d94450af3edf267 Architecture independent components: http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge2_all.deb Size/MD5 checksum: 2768594 73c65fac24493138f7adb9fddf507d7a -- Debian GNU/Linux unstable alias sid -- Fixed in version 2.9.0.3-1. ORIGINAL ADVISORY: http://www.us.debian.org/security/2006/dsa-1207 OTHER REFERENCES: SA17578: http://secunia.com/advisories/17578/ SA17895: http://secunia.com/advisories/17895/ SA19556: http://secunia.com/advisories/19556/ SA20113: http://secunia.com/advisories/20113/ SA22126: http://secunia.com/advisories/22126/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------