Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 244914 (CVE-2008-4775) - dev-db/phpmyadmin <= 2.11.9.2: "db" Cross-Site Scripting Vulnerability (CVE-2008-4775)
Summary: dev-db/phpmyadmin <= 2.11.9.2: "db" Cross-Site Scripting Vulnerability (CVE-2...
Status: RESOLVED FIXED
Alias: CVE-2008-4775
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL: http://secunia.com/advisories/32449/
Whiteboard: B4 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2008-10-29 18:57 UTC by Matti Bickel (RETIRED)
Modified: 2009-03-18 22:32 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Matti Bickel (RETIRED) gentoo-dev 2008-10-29 18:57:30 UTC
From Secunia:

CRITICAL:
Less critical

IMPACT:
Cross Site Scripting

WHERE:
From remote

SOFTWARE:
phpMyAdmin 2.x
http://secunia.com/advisories/product/1720/
phpMyAdmin 3.x
http://secunia.com/advisories/product/20256/

DESCRIPTION:
Hadi Kiamarsi has discovered a vulnerability in phpMyAdmin, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Input passed to the "db" parameter in pmd_pdf.php is not properly
sanitised before being returned to the user. This can be exploited to
execute arbitrary HTML and script code in a user's browser session in
context of an affected site.

Successful exploitation may require that the victim has valid user
credentials.

The vulnerability is confirmed in version 2.11.9.2 and 3.0.1 and
reported in version 3.0.0. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
Hadi Kiamarsi

ORIGINAL ADVISORY:
http://seclists.org/bugtraq/2008/Oct/0199.html
Comment 1 Matti Bickel (RETIRED) gentoo-dev 2008-10-29 19:02:01 UTC
XSS vuln, unpatched upstream.
Requires "register_globals" to be on according to original report, so it may have a very low impact.
Comment 2 Stefan Behte (RETIRED) gentoo-dev Security 2008-10-30 07:55:55 UTC
CVE-2008-4775
Comment 4 Gunnar Wrobel (RETIRED) gentoo-dev 2008-11-08 20:17:36 UTC
Added phpmyadmin-2.11.9.3 to the tree.

Targets:

alpha amd64 hppa ppc ppc64 sparc x86
Comment 5 Markus Meier gentoo-dev 2008-11-09 14:18:04 UTC
amd64/x86 stable
Comment 6 Raúl Porcel (RETIRED) gentoo-dev 2008-11-09 18:54:10 UTC
alpha/sparc stable
Comment 7 Jeroen Roovers (RETIRED) gentoo-dev 2008-11-10 05:44:24 UTC
Stable for HPPA.
Comment 8 Markus Rothe (RETIRED) gentoo-dev 2008-11-12 18:11:23 UTC
ppc64 stable
Comment 9 Tobias Scherbaum (RETIRED) gentoo-dev 2008-11-14 21:08:35 UTC
ppc stable
Comment 10 Gunnar Wrobel (RETIRED) gentoo-dev 2008-11-17 04:46:21 UTC
Removed vulnerable version. webapps done.
Comment 11 Tobias Heinlein (RETIRED) gentoo-dev 2008-11-22 17:39:43 UTC
Since we already have a request in the pool for bug 237781, I vote YES.
Comment 12 Stefan Behte (RETIRED) gentoo-dev Security 2009-01-11 18:58:33 UTC
Yes, too. Adding to previous request.
Comment 13 Pierre-Yves Rofes (RETIRED) gentoo-dev 2009-03-18 22:32:06 UTC
GLSA 200903-32