New task #5580 in phpMyAdmin: multiple remote vulnerabilities in phpMyAdmin
Flyspray - The bug killer!
btsadmin at pld-linux.org
Wed Dec 15 19:27:10 CET 2004
Project: PLD 1.x (Ra)
Reported by: Paweł Jagoda (blue)
Package: phpMyAdmin
Version: 2.6.0-2.pl2
Summary: multiple remote vulnerabilities in phpMyAdmin
Package : phpMyAdmin
Vulnerability : remote command execution and file disclosure
Problem-Type : remote
CVE ID : CAN-2004-1147, CAN-2004-1148
According to the Exaprobe advisory, two bugs exist in phpMyAdmin (versions prior to 2.6.1-rc1) which allow a remote attacker to execute arbitrary code and to read local files via the sql_localfile parameter.
These bugs are valid only when:
- safe mode in php.ini is *disabled*
- external transformations are activated (remote command execution only)
- $cfg['UploadDir'] is defined (file disclosure)
For remote command execution the attacker *doesn't* need access to the phpMyAdmin interface.
Workaround:
Disable external transformations and deactivate uploads.
Solution:
Upgrade to a newer version as soon as possible.
References:
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1147
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1148
[3] http://www.exaprobe.com/labs/advisories/esa-2004-1213.html
For further details see:
http://bugs.pld-linux.org/index.php?do=details&id=5580
------------------------------------------------------------------------
THIS IS AN AUTOMATICALLY GENERATED MESSAGE, DO NOT REPLY