Executive Summary

Summary
TitleNew phpmyadmin packages fix several vulnerabilities
Informations
NameDSA-2097First vendor Publication2010-08-29
VendorDebianLast vendor Modification2010-09-11
Severity (Vendor) N/ARevision2

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score7.5Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score10AuthentificationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The update in DSA 2097 for phpMyAdmin did not correctly apply the intended changes, thereby not completely addressing the vulnerabilities. Updated packages now fix the issues described in the original advisory text below.

Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2010-3055

The configuration setup script does not properly sanitise its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request. In Debian, the setup tool is protected through Apache HTTP basic authentication by default.

CVE-2010-3056

Various cross site scripting issues have been discovered that allow a remote attacker to inject arbitrary web script or HTML.

For the stable distribution (lenny), these problems have been fixed in version 2.11.8.1-5+lenny6.

For the testing (squeeze) and unstable distribution (sid), these problems have been fixed in version 3.3.5.1-1.

We recommend that you upgrade your phpmyadmin package.

Original Source

Url : http://www.debian.org/security/2010/dsa-2097

CWE : Common Weakness Enumeration

idName
CWE-264Permissions, Privileges, and Access Controls
CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')

CPE : Common Platform Enumeration

TypeDescriptionCount
Application58

Open Source Vulnerability Database (OSVDB)

idDescription
67491phpMyAdmin libraries/sqlparser.lib.php Unspecified Parameter XSS
67490phpMyAdmin libraries/sanitizing.lib.php Unspecified Parameter XSS
67489phpMyAdmin libraries/db_info.inc.php Unspecified Parameter XSS
67488phpMyAdmin libraries/dbi/mysqli.dbi.lib.php Unspecified Parameter XSS
67487phpMyAdmin libraries/dbi/mysql.dbi.lib.php Unspecified Parameter XSS
67486phpMyAdmin libraries/database_interface.lib.php Unspecified Parameter XSS
67485phpMyAdmin libraries/common.lib.php Unspecified Parameter XSS
67343phpMyAdmin Extension for TYPO3 Multiple Unspecified XSS
67325phpMyAdmin tbl_sql.php Unspecified Parameter XSS
67324phpMyAdmin tbl_replace.php fields[multi_edit][] Parameter XSS
67323phpMyAdmin sql.php Multiple Parameter XSS
67322phpMyAdmin setup/config.php DefaultLang Parameter XSS
67321phpMyAdmin server_privileges.php Multiple Parameter XSS
67320phpMyAdmin server_databases.php sort_by Parameter XSS
67319phpMyAdmin js/messages.php db Parameter XSS
67318phpMyAdmin db_structure.php sort Parameter XSS
67317phpMyAdmin db_sql.php delimiter Parameter XSS
67316phpMyAdmin db_search.php field_str Parameter XSS
67310phpMyAdmin setup.php Configuration File Arbitrary PHP Code Injection