First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 175847
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Lars Hartmann <lars@chaotika.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 175847 depends on: Show dependency tree
Show dependency graph
Bug 175847 blocks: 160337

Additional Comments: (this is where you put emerge --info)







View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2007-04-24 12:52 0000 
Some vulnerabilities have been reported in phpMyAdmin, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Input passed to the "fieldkey" parameter in browse_foreigners.php and input
passed to the "PMA_sanitize()" function is not properly sanitised before being
returned to the user. This can be exploited to execute arbitrary HTML and
script code in a user's browser session in context of an affected site.

The vulnerabilities are reported in versions prior to 2.10.1.

Reproducible: Always

------- Comment #1 From Lars Hartmann 2007-04-24 15:32:02 0000 ------- 
maintainers - please provide a fix

------- Comment #2 From Lars Hartmann 2007-04-25 17:19:44 0000 ------- 
The weaknesses are reported in versions prior to 2.4.34.3.

Solution:
Update to version 2.4.34.3.

------- Comment #3 From Lars Hartmann 2007-04-27 14:03:38 0000 ------- 
(In reply to comment #2)
> The weaknesses are reported in versions prior to 2.4.34.3.
> 
> Solution:
> Update to version 2.4.34.3.
> 

This post doesnt belong here, i pasted it into the wrong tab,
sorry

------- Comment #4 From Sune Kloppenborg Jeppesen 2007-05-02 14:29:25 0000 ------- 
maintainers please advise.

------- Comment #5 From Jakub Moc 2007-05-07 11:22:29 0000 ------- 
*** Bug 177450 has been marked as a duplicate of this bug. ***

------- Comment #6 From Lars Hartmann 2007-05-15 13:31:45 0000 ------- 
maintainers - please advise

------- Comment #7 From Lars Hartmann 2007-05-23 15:37:56 0000 ------- 
maintainers - please provide an updated ebuild

------- Comment #8 From Lars Hartmann 2007-05-23 20:58:41 0000 ------- 
maintainers - please bump the ebuild

------- Comment #9 From Jakub Moc 2007-05-25 15:37:36 0000 ------- 
*** Bug 179760 has been marked as a duplicate of this bug. ***

------- Comment #10 From Jakub Moc 2007-05-26 19:09:21 0000 ------- 
*** Bug 179914 has been marked as a duplicate of this bug. ***

------- Comment #11 From Renat Lumpau 2007-05-28 00:54:16 0000 ------- 
2.10.1 is in the tree

------- Comment #12 From Sune Kloppenborg Jeppesen 2007-05-28 06:27:20 0000 ------- 
Thx Renat.

Arches please test and mark stable. Target keywords are:

phpmyadmin-2.10.1.ebuild:KEYWORDS="alpha amd64 hppa ppc ppc64 sparc x86
~x86-fbsd"

------- Comment #13 From Gustavo Zacarias (RETIRED) 2007-05-28 12:38:29 0000 ------- 
sparc stable.

------- Comment #14 From Brent Baude 2007-05-28 12:55:38 0000 ------- 
ppc64 stable

------- Comment #15 From Jeroen Roovers 2007-05-28 17:01:18 0000 ------- 
Stable for HPPA.

------- Comment #16 From Jose Luis Rivero (yoswink) 2007-05-28 18:33:15 0000 ------- 
stable on alpha

------- Comment #17 From Tobias Scherbaum 2007-05-29 05:26:32 0000 ------- 
ppc stable

------- Comment #18 From Emanuele Gentili 2007-05-29 06:32:26 0000 ------- 
Stable for x86.

------- Comment #19 From Andrej Kacian (RETIRED) 2007-05-29 22:11:50 0000 ------- 
x86 _marked_ stable

------- Comment #20 From Lars Hartmann 2007-05-30 16:30:47 0000 ------- 
Thanks everyone for the help.
This one is ready for GLSA decision.

------- Comment #21 From Sune Kloppenborg Jeppesen 2007-05-30 17:23:26 0000 ------- 
I vote YES.

------- Comment #22 From Pierre-Yves Rofes 2007-05-31 09:26:32 0000 ------- 
voting YES too.

------- Comment #23 From Christoph Mende 2007-05-31 21:56:56 0000 ------- 
Just one thing before you finish voting: amd64 stable

------- Comment #24 From Raphael Marichez 2007-06-01 15:05:12 0000 ------- 
i vote no but it's too late :/ 

XSS or information disclosure on a non-tipically internet-oriented web
application, i always vote no. But as you want.

------- Comment #25 From Sune Kloppenborg Jeppesen 2007-06-02 14:27:09 0000 ------- 
We only released a couple of XSS GLSAs for phpmyadmin and they both date back
years. When voting I was thinking that some web hosts would probably give
access to their customers.

------- Comment #26 From Raphael Marichez 2007-06-05 13:40:09 0000 ------- 
(In reply to comment #25)
> We only released a couple of XSS GLSAs for phpmyadmin and they both date back
> years. When voting I was thinking that some web hosts would probably give
> access to their customers.
> 

If it's not a permanent XSS (i suppose it is not), the impact is very weak. An
attacker would hardly manage to steal the administrator's credentials. The only
realistic attack would be sending a crafted URL by mail or chat to an
administrator, and ask him to click on it. That does not merit a GLSA imho.

------- Comment #27 From Sune Kloppenborg Jeppesen 2007-06-05 14:02:54 0000 ------- 
If that is the case I don't believe one is necessary too.

------- Comment #28 From Raphael Marichez 2007-06-05 18:44:56 0000 ------- 
OK so closing without GLSA, and fixing severity. Feel free to reopen if you
disagree.
First Last Prev Next    No search results available      Search page      Enter new bug