phpMyAdmin DoS Vulnerability
Moderate severity
GitHub Reviewed
Published
May 14, 2022
to the GitHub Advisory Database
•
Updated Jul 31, 2023
Package
Affected versions
>= 4.6, < 4.6.4
>= 4.4, < 4.4.15.8
>= 4.0, < 4.0.10.17
Patched versions
4.6.4
4.4.15.8
4.0.10.17
Description
Published by the National Vulnerability Database
Dec 11, 2016
Published to the GitHub Advisory Database
May 14, 2022
Last updated
Jul 31, 2023
Reviewed
Jul 31, 2023
An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with
$cfg['AllowArbitraryServer']=true
. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.References