phpMyAdmin Directory Traversal Vulnerability (CVE-2016-6614)

  Severity: MEDIUM

  DESCRIPTION

phpMyAdmin is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Remote attackers may use a specially crafted request with directory-traversal sequences ('../') to retrieve sensitive information. This may aid in further attacks. phpMyAdmin 4.6.x prior to 4.6.4, 4.4.x prior to 4.4.15.8 and 4.0.x prior to 4.0.10.17 are vulnerable.

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1005933