phpMyAdmin 4.6.x SQL注入漏洞

未知 0条评论
受影响系统: phpMyAdmin phpMyAdmin 4.6.x phpMyAdmin phpMyAdmin 4.4.x 描述: -------------------------------------------------------------------------------- CVE(CAN) ID: CVE-2016-5703 phpmyadmin是MySQL数据库的在线管理工具。 phpmyadmin 4.6.

受影响系统:

  

  phpMyAdmin phpMyAdmin 4.6.x

  

  phpMyAdmin phpMyAdmin 4.4.x

  

  描述:

  

  --------------------------------------------------------------------------------

  

  CVE(CAN) ID: CVE-2016-5703

  

  phpmyadmin是MySQL数据库的在线管理工具。

  

  phpmyadmin 4.6.x、4.4.x版本存在SQL注入漏洞,攻击者利用此漏洞可以root权限运行任意命令。

  

  <*来源:"geeknik" Carpenter

  

  *>

  

  建议:

  

  --------------------------------------------------------------------------------

  

  厂商补丁:

  

  phpMyAdmin

  

  ----------

  

  目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

  

  https://www.phpmyadmin.net/security/PMASA-2016-19/

  

  https://www.phpmyadmin.net/security/PMASA-2016-20/

  

  https://www.phpmyadmin.net/security/PMASA-2016-21/

  

  https://www.phpmyadmin.net/security/PMASA-2016-22/

  

  https://www.phpmyadmin.net/security/PMASA-2016-23/

  

  https://www.phpmyadmin.net/security/PMASA-2016-24/

  

  https://www.phpmyadmin.net/security/PMASA-2016-25/

  

  https://www.phpmyadmin.net/security/PMASA-2016-26/

  

  https://www.phpmyadmin.net/security/PMASA-2016-27/

  

  https://www.phpmyadmin.net/security/PMASA-2016-28/



QQ菜鸟网提醒您:本活动还有秒将失效

本文地址:http://www.qqcnw.com/a/2823.html 

相关文章