oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

phpMyAdmin code execution (CVE request)

From: Thijs Kinkhorst <thijs () debian org>
Date: Mon, 15 Sep 2008 20:50:37 +0200
Hi all,

"- (2.11.9.1)  [security] Code execution vulnerability"

http://www.phpmyadmin.net/home_page/downloads.php?relnotes=1

"Welcome to this security update for phpMyAdmin 2.11.9.
Details will follow on http://phpmyadmin.net.";

http://www.nabble.com/phpMyAdmin-2.11.9.1-is-released-td19497113.html

Attached patch is the fix from upstream. Judging from that (no other 
information is available yet), an authenticated user can supply a crafted 
sort_by parameter to server_databases.php, which will be turned in to 
executed PHP code because it is passed into create_function(). It is present 
at least since 2.9.1.

I would like to have a CVE id to refer to this issue.

Thijs

Attachment: pma_codeexecution.diff
Description:

Attachment: _bin
Description:

Previous By Date Next
Previous By Thread Next

Current thread: