Cryptographic issues in phpmyadmin (Alpine package)



Published: 2016-12-29
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2016-9847
CWE-ID CWE-310
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		phpmyadmin (Alpine package)
Operating systems & Components / Operating system package or component

Vendor Alpine Linux Development Team

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Cryptographic issues

EUVDB-ID: #VU33346

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-9847

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

An issue was discovered in phpMyAdmin. When the user does not specify a blowfish_secret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user's blowfish_secret and potentially decrypt their cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.

Mitigation

Install update from vendor's website.

Vulnerable software versions

phpmyadmin (Alpine package): 4.0.4.1-r0 - 4.4.15.8-r0

CPE2.3 External links

http://git.alpinelinux.org/aports/commit/?id=e3226bf79b872494874e7f139d2c88c069c4d60f
http://git.alpinelinux.org/aports/commit/?id=0e6a7a8f8c8d0d3eb1d715818e76bf4d0664e638
http://git.alpinelinux.org/aports/commit/?id=3c5da8c4643bf2ec21c87b1c68b3ad2c149fc3b9
http://git.alpinelinux.org/aports/commit/?id=b36b3560d17cde1b9b07e17906ea6b7612b04cce
http://git.alpinelinux.org/aports/commit/?id=3e72f91bb20ef89058467b81ddaf2c5793af3ec9
http://git.alpinelinux.org/aports/commit/?id=517afce6b9a2a1a80adab744a77278db53d919f7
http://git.alpinelinux.org/aports/commit/?id=a35fc5fa306c1b74cf13f5f8a6624b47b0409a82


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###