phpMyAdmin: Multiple vulnerabilities

phpMyAdmin: Multiple vulnerabilities Multiple vulnerabilities have been found in phpMyAdmin, allowing remote authenticated attackers to execute arbitrary code, inject SQL code or conduct other attacks. phpmyadmin 2013-11-04 2013-11-04 465420 467080 478696 479870 remote 4.0.5 4.0.5

phpMyAdmin is a web-based management tool for MySQL databases.

Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers referenced below for details.

A remote authenticated attacker could exploit these vulnerabilities to execute arbitrary code with the privileges of the process running phpMyAdmin, inject SQL code, or to conduct Cross-Site Scripting and Clickjacking attacks.

There is no known workaround at this time.

All phpMyAdmin users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-db/phpmyadmin-4.0.5"

CVE-2013-1937 CVE-2013-3238 CVE-2013-3239 CVE-2013-4995 CVE-2013-4996 CVE-2013-4997 CVE-2013-4998 CVE-2013-4999 CVE-2013-5000 CVE-2013-5001 CVE-2013-5002 CVE-2013-5003 CVE-2013-5029 a3li a3li