Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-9849

Опубликовано: 11 дек. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8

Описание

An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.

РелизСтатусПримечание
artful

not-affected

4:4.6.5.1-1
bionic

not-affected

4:4.6.5.1-1
cosmic

not-affected

4:4.6.5.1-1
devel

not-affected

4:4.6.5.1-1
disco

not-affected

4:4.6.5.1-1
eoan

DNE

esm-apps/bionic

not-affected

4:4.6.5.1-1
esm-apps/focal

not-affected

4:4.6.5.1-1
esm-apps/jammy

not-affected

4:4.6.5.1-1
esm-apps/xenial

released

4:4.5.4.1-2ubuntu2.1+esm5

Показывать по

EPSS

Процентиль: 52%
0.00295
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVSS3: 9.8
nvd
больше 8 лет назад

An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.

CVSS3: 9.8
debian
больше 8 лет назад

An issue was discovered in phpMyAdmin. It is possible to bypass AllowR ...

CVSS3: 9.8
github
около 3 лет назад

An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.

EPSS

Процентиль: 52%
0.00295
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3