phpMyAdmin: Multiple vulnerabilities

phpMyAdmin: Multiple vulnerabilities Multiple vulnerabilities have been found in phpMyAdmin, allowing remote authenticated attackers to execute arbitrary code, inject SQL code or conduct other attacks. phpmyadmin November 04, 2013 November 04, 2013: 1 465420 467080 478696 479870 remote 4.0.5 4.0.5

phpMyAdmin is a web-based management tool for MySQL databases.

Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers referenced below for details.

A remote authenticated attacker could exploit these vulnerabilities to execute arbitrary code with the privileges of the process running phpMyAdmin, inject SQL code, or to conduct Cross-Site Scripting and Clickjacking attacks.

There is no known workaround at this time.

All phpMyAdmin users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-db/phpmyadmin-4.0.5"

CVE-2013-1937 CVE-2013-3238 CVE-2013-3239 CVE-2013-4995 CVE-2013-4996 CVE-2013-4997 CVE-2013-4998 CVE-2013-4999 CVE-2013-5000 CVE-2013-5001 CVE-2013-5002 CVE-2013-5003 CVE-2013-5029 a3li a3li