FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpMyAdmin -- reCaptcha bypass

Affected packages
4.4.0	<=	phpMyAdmin	<	4.4.14.1

Details

VuXML ID	3904f759-5659-11e5-a207-6805ca0b3d42
Discovery	2015-09-08
Entry	2015-09-08

The phpMyAdmin development team reports:

This vulnerability allows to complete the reCaptcha test and subsequently perform a brute force attack to guess user credentials without having to complete further reCaptcha tests.

We consider this vulnerability to be non critical since reCaptcha is an additional opt-in security measure.

[source]

References

CVE Name	CVE-2015-6830
URL	https://www.phpmyadmin.net/security/PMASA-2015-4/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.