← voltar
CVE-2016-9849

CVE-2016-9849

EPSS 2.0%
An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://lists.debian.org/debian-lts-announce/2019/06/msg00009.htmlhttps://security.gentoo.org/glsa/201701-32https://www.phpmyadmin.net/security/PMASA-2016-60http://www.securityfocus.com/bid/94521