Wind River Support Network

HomeDefectsLIN7-7207

Fixed

LIN7-7207 : Security Advisory - phpmyadmin - CVE-2016-6631

Created: Dec 15, 2016 Updated: Sep 8, 2018

Resolved Date: Dec 27, 2016

Found In Version: 7.0.0.21

Fix Version: 7.0.0.23

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

An issue was discovered in phpMyAdmin. A user can execute a remote code execution attack against a server when phpMyAdmin is being run as a CGI application. Under certain server configurations, a user can pass a query string which is executed as a command-line argument by the file generator_plugin.sh. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6631

Other Downloads

Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-6631