Executive Summary
Summary | |
---|---|
Title | phpMyAdmin: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-200903-32 | First vendor Publication | 2009-03-18 |
Vendor | Gentoo | Last vendor Modification | 2009-03-18 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:S/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 8.5 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 6.8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities have been discovered in phpMyAdmin, the worst of which may allow for remote code execution. Background Description * libraries/database_interface.lib.php in phpMyAdmin allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_function (CVE-2008-4096). * Cross-site scripting (XSS) vulnerability in pmd_pdf.php allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and CVE-2007-5977 * Cross-site request forgery (CSRF) vulnerability in phpMyAdmin allows remote authenticated attackers to perform unauthorized actions as the administrator via a link or IMG tag to tbl_structure.php with a modified table parameter. NOTE: this can be leveraged to conduct SQL injection attacks and execute arbitrary code (CVE-2008-5621). * Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdmin allow remote attackers to conduct SQL injection attacks via unknown vectors related to the table parameter, a different vector than CVE-2008-5621 (CVE-2008-5622). Impact Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-200903-32.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-200903-32.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
60 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
20 % | CWE-352 | Cross-Site Request Forgery (CSRF) (CWE/SANS Top 25) |
20 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13581 | |||
Oval ID: | oval:org.mitre.oval:def:13581 | ||
Title: | DSA-1723-1 phpmyadmin -- insufficient input sanitising | ||
Description: | Michael Brooks discovered that phpMyAdmin, a tool to administrate MySQL over the web, performs insufficient input sanitising allowing a user assisted remote attacker to execute code on the webserver. For the stable distribution, this problem has been fixed in version 4:2.9.1.1-10. For the testing distribution and unstable distribution, this problem has been fixed in version 2.11.8.1-5. We recommend that you upgrade your phpmyadmin package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1723-1 CVE-2008-5621 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | phpmyadmin |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8145 | |||
Oval ID: | oval:org.mitre.oval:def:8145 | ||
Title: | DSA-1723 phpmyadmin -- insufficient input sanitising | ||
Description: | Michael Brooks discovered that phpMyAdmin, a tool to administrate MySQL over the web, performs insufficient input sanitising allowing a user assisted remote attacker to execute code on the webserver. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1723 CVE-2008-5621 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | phpmyadmin |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8155 | |||
Oval ID: | oval:org.mitre.oval:def:8155 | ||
Title: | DSA-1641 phpmyadmin -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to administrate MySQL databases over the web. The Common Vulnerabilities and Exposures project identifies the following problems: Remote authenticated users could execute arbitrary code on the host running phpMyAdmin through manipulation of a script parameter. Crossite scripting through the setup script was possible in rare circumstances. Protection has been added against remote websites loading phpMyAdmin into a frameset. Cross site request forgery allowed remote attackers to create a new database, but not perform any other action on it. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1641 CVE-2008-3197 CVE-2008-3456 CVE-2008-3457 CVE-2008-4096 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | phpmyadmin |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-03-21 | Name : phpMyAdmin DB_Create.PHP Multiple Input Validation Vulnerabilities File : nvt/phpmyadmin_cve_2007_5976.nasl |
2009-03-21 | Name : phpMyAdmin Multiple Input Validation Vulnerabilities File : nvt/phpmyadmin_cve_2006_6942.nasl |
2009-03-20 | Name : Gentoo Security Advisory GLSA 200903-32 (phpmyadmin) File : nvt/glsa_200903_32.nasl |
2009-03-02 | Name : Mandrake Security Advisory MDVSA-2009:026-1 (phpMyAdmin) File : nvt/mdksa_2009_026_1.nasl |
2009-02-27 | Name : Fedora Update for phpMyAdmin FEDORA-2007-3627 File : nvt/gb_fedora_2007_3627_phpMyAdmin_fc7.nasl |
2009-02-27 | Name : Fedora Update for phpMyAdmin FEDORA-2007-3636 File : nvt/gb_fedora_2007_3636_phpMyAdmin_fc8.nasl |
2009-02-27 | Name : Fedora Update for phpMyAdmin FEDORA-2007-3639 File : nvt/gb_fedora_2007_3639_phpMyAdmin_fc8.nasl |
2009-02-27 | Name : Fedora Update for phpMyAdmin FEDORA-2007-3666 File : nvt/gb_fedora_2007_3666_phpMyAdmin_fc7.nasl |
2009-02-17 | Name : Fedora Update for phpMyAdmin FEDORA-2008-9336 File : nvt/gb_fedora_2008_9336_phpMyAdmin_fc8.nasl |
2009-02-17 | Name : Fedora Update for phpMyAdmin FEDORA-2008-9316 File : nvt/gb_fedora_2008_9316_phpMyAdmin_fc9.nasl |
2009-02-17 | Name : Fedora Update for phpMyAdmin FEDORA-2008-8335 File : nvt/gb_fedora_2008_8335_phpMyAdmin_fc9.nasl |
2009-02-17 | Name : Fedora Update for phpMyAdmin FEDORA-2008-8370 File : nvt/gb_fedora_2008_8370_phpMyAdmin_fc9.nasl |
2009-02-02 | Name : SuSE Security Summary SUSE-SR:2009:003 File : nvt/suse_sr_2009_003.nasl |
2009-01-26 | Name : Mandrake Security Advisory MDVSA-2009:026 (phpMyAdmin) File : nvt/mdksa_2009_026.nasl |
2008-12-23 | Name : FreeBSD Ports: phpMyAdmin211 File : nvt/freebsd_phpMyAdmin211.nasl |
2008-12-23 | Name : phpMyAdmin Multiple CSRF SQL Injection Vulnerabilities File : nvt/gb_phpmyadmin_mult_xsrf_vuln.nasl |
2008-11-19 | Name : FreeBSD Ports: phpMyAdmin File : nvt/freebsd_phpMyAdmin17.nasl |
2008-10-31 | Name : phpMyAdmin pmd_pdf.php Cross Site Scripting Vulnerability File : nvt/gb_phpmyadmin_pmd_pdf_xss_vuln.nasl |
2008-10-03 | Name : phpMyAdmin 'server_databases.php' Remote Command Execution Vulnerability File : nvt/secpod_phpmyadmin_remote_command_exe_vuln_900130.nasl |
2008-09-24 | Name : FreeBSD Ports: phpMyAdmin File : nvt/freebsd_phpMyAdmin16.nasl |
2008-09-24 | Name : Debian Security Advisory DSA 1641-1 (phpmyadmin) File : nvt/deb_1641_1.nasl |
2008-09-04 | Name : FreeBSD Ports: phpMyAdmin File : nvt/freebsd_phpMyAdmin12.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1370-2 (phpmyadmin) File : nvt/deb_1370_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1370-1 (phpmyadmin) File : nvt/deb_1370_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
58824 | PhpMyAdmin sql.php pos Parameter XSS PhpMyAdmin contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'pos' parameters upon submission to the 'sql.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
58823 | PhpMyAdmin querywindow.php Multiple Parameter XSS PhpMyAdmin contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'query_history_latest', 'query_history_latest_db', and 'querydisplay_tab' parameters upon submission to the 'querywindow.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
58822 | PhpMyAdmin db_operations.php Multiple Parameter XSS PhpMyAdmin contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'newname' and table name comment parameters upon submission to the 'db_operations.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
58821 | PhpMyAdmin db_create.php db Parameter XSS PhpMyAdmin contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'db' parameters upon submission to the 'db_create.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
51237 | phpMyAdmin table Parameter Unspecified CSRF |
50634 | phpMyAdmin tbl_structure.php table Parameter CSRF |
49692 | TYPO3 phpMyAdmin Extension pmd_pdf.php db Parameter XSS TYPO3 phpMyAdmin Extension contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the db variable upon submission to the pmd_pdf.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
49437 | phpMyAdmin pmd_pdf.php db Parameter XSS |
48154 | phpMyAdmin server_databases.php sort_by Variable Arbitrary PHP Code Execution |
38714 | phpMyAdmin db_create.php db Parameter XSS phpMyAdmin contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'db' variable upon submission to the 'db_create.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_phpMyAdmin-090119.nasl - Type : ACT_GATHER_INFO |
2009-03-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200903-32.nasl - Type : ACT_GATHER_INFO |
2009-02-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1723.nasl - Type : ACT_GATHER_INFO |
2009-01-22 | Name : The remote openSUSE host is missing a security update. File : suse_phpMyAdmin-5935.nasl - Type : ACT_GATHER_INFO |
2008-12-15 | Name : The remote Fedora host is missing a security update. File : fedora_2008-11221.nasl - Type : ACT_GATHER_INFO |
2008-12-12 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_54f72962c7ba11dda7210030843d3802.nasl - Type : ACT_GATHER_INFO |
2008-11-03 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_85b0bbc8a7a511dd8283001c2514716c.nasl - Type : ACT_GATHER_INFO |
2008-11-03 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9336.nasl - Type : ACT_GATHER_INFO |
2008-11-03 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9316.nasl - Type : ACT_GATHER_INFO |
2008-09-25 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8335.nasl - Type : ACT_GATHER_INFO |
2008-09-25 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8370.nasl - Type : ACT_GATHER_INFO |
2008-09-25 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8286.nasl - Type : ACT_GATHER_INFO |
2008-09-25 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8269.nasl - Type : ACT_GATHER_INFO |
2008-09-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1641.nasl - Type : ACT_GATHER_INFO |
2008-09-17 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_74bf1594849311ddbb640030843d3802.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3666.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3639.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3636.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3627.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_2d2dcbb4906c11dca9510016179b2dd5.nasl - Type : ACT_GATHER_INFO |
2007-09-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1370.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:36:24 |
|
2013-05-11 00:45:01 |
|