Advisories » MGASA-2015-0366

Updated phpmyadmin packages fix CVE-2015-6830

Publication date: 13 Sep 2015
Modification date: 13 Sep 2015
Type: security
Affected Mageia releases : 4 , 5
CVE: CVE-2015-6830

Description

Updated phpmyadmin package fixes security vulnerability:

In phpMyAdmin before 4.3.13.2 and 4.4.14.1, installations with reCaptcha
enabled allow completing the reCaptcha test and subsequently performing a
brute force attack to guess user credentials without having to complete
further reCaptcha tests (CVE-2015-6830).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=16724
• https://www.phpmyadmin.net/security/PMASA-2015-4/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830

SRPMS

4/core

• phpmyadmin-4.2.13.3-1.1.mga4

5/core

• phpmyadmin-4.2.13.3-1.1.mga5