Bug 395715 (CVE-2011-4782) - <dev-db/phpmyadmin-3.4.9 Various XSS (CVE-2011-{4780,4782})
Status: RESOLVED FIXED
Alias: CVE-2011-4782
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL: http://sourceforge.net/news/?group_id...
Whiteboard: B4 [glsa]
Blocks: CVE-2011-4107
Reported: 2011-12-22 19:53 UTC by Michael Harrison
Modified: 2012-01-04 23:42 UTC

Description Michael Harrison 2011-12-22 19:53:32 UTC
Input passed via the "$host" variable within the setup is not properly sanitised before being used. This can be exploited to insert HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.

NOTE: Successful exploitation requires that installation best-practices have not been followed and the config directory is left writable.

The vulnerability is reported in versions 3.4.x prior to 3.4.9.

Solution
Upgrade to version 3.4.9 or later.

Original Advisory
PMASA-2011-19:
http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2011-12-23 21:33:28 UTC
There's also http://www.phpmyadmin.net/home_page/security/PMASA-2011-20.php:
Using crafted url parameters, it was possible to produce XSS on the export panels in the server, database and table sections.
Comment 2 Alex Legler (RETIRED) archtester gentoo-dev Security 2011-12-23 21:42:22 UTC
Arches, please test and mark stable:
=dev-db/phpmyadmin-3.4.9
Target keywords : "alpha amd64 hppa ppc ppc64 sparc x86"
Comment 3 Agostino Sarubbo gentoo-dev 2011-12-23 23:50:11 UTC
amd64 stable
Comment 4 KinG-InFeT 2011-12-24 02:04:40 UTC
x86 stable
Comment 5 Michael Harrison 2011-12-24 11:20:47 UTC
amd64 stable
Comment 6 Jeroen Roovers (RETIRED) gentoo-dev 2011-12-24 18:42:14 UTC
Stable for HPPA.
Comment 7 Mark Loeser (RETIRED) gentoo-dev 2011-12-27 00:32:01 UTC
ppc/ppc64 done
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2011-12-29 13:14:58 UTC
CVE-2011-4782 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4782):
  Cross-site scripting (XSS) vulnerability in
  libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin
  3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or
  HTML via the host parameter.
Comment 9 Raúl Porcel (RETIRED) gentoo-dev 2012-01-01 15:17:40 UTC
alpha/sparc/x86 stable
Comment 10 Tim Sammut (RETIRED) gentoo-dev 2012-01-01 17:51:17 UTC
Thanks, folks. Closing noglsa for XSS.
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2012-01-02 19:02:13 UTC
CVE-2011-4780 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4780):
  Multiple cross-site scripting (XSS) vulnerabilities in
  libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow
  remote attackers to inject arbitrary web script or HTML via crafted URL
  parameters, related to the export panels in the (1) server, (2) database,
  and (3) table sections.
Comment 12 GLSAMaker/CVETool Bot gentoo-dev 2012-01-04 23:42:28 UTC
This issue was resolved and addressed in
 GLSA 201201-01 at http://security.gentoo.org/glsa/glsa-201201-01.xml
by GLSA coordinator Tim Sammut (underling).
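
The following audit helper is an added example, not part of the original bug report or of Gentoo's or phpMyAdmin's tooling. It checks the two conditions the report names: a version in the affected 3.4.x range before 3.4.9, and a setup config directory left in place or writable. The function names are hypothetical, the version string is supplied by the caller, and the `config` subdirectory name under the phpMyAdmin root is an assumption (the bug only says "the config directory").

```sh
#!/bin/sh
# Added example (hypothetical helper names): checks the two conditions named in
# this bug, the affected version range and a writable setup config directory.

# Exit 0 when VERSION is 3.4.x prior to 3.4.9; pre-releases such as
# 3.4.9-rc1 are counted as prior to 3.4.9.
pma_version_affected() {
    case $1 in 3.4.*) ;; *) return 1 ;; esac
    rest=${1#3.4.}
    patch=${rest%%[!0-9]*}          # leading digits of the third component
    suffix=${rest#"$patch"}         # whatever follows them
    [ -n "$patch" ] || return 1
    if [ "$patch" -lt 9 ]; then return 0; fi
    if [ "$patch" -eq 9 ]; then
        case $suffix in -rc*|-beta*|-alpha*|_rc*|_beta*|_alpha*) return 0 ;; esac
    fi
    return 1
}

# Print absent | present | writable for ROOT/config. Assumption: "config" is
# the directory under the phpMyAdmin root that the setup script writes to.
# Only group/other write bits are inspected; a directory owned by the web
# server account is writable to it regardless and still needs review.
pma_config_dir_state() {
    dir=$1/config
    if [ ! -d "$dir" ]; then echo absent; return 0; fi
    perms=$(ls -ld "$dir" | cut -c1-10)
    case $perms in
        d????w????|d???????w?) echo writable ;;
        *) echo present ;;
    esac
}

# One-line verdict for an installed VERSION and install ROOT.
pma_audit() {
    state=$(pma_config_dir_state "$2")
    if pma_version_affected "$1"; then
        echo "phpMyAdmin $1: affected (3.4.x before 3.4.9), config dir $state"
    else
        echo "phpMyAdmin $1: outside affected range, config dir $state"
    fi
}

# Usage: sh pma_audit.sh VERSION PHPMYADMIN_ROOT
if [ "$#" -eq 2 ]; then pma_audit "$1" "$2"; fi
```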