169376 2007-03-04 22:45 0000 dev-db/phpmyadmin: PHP Executor Deep Recursion Stack Overflow [MOPB] 2007-05-30 19:46:13 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3 B3? [noglsa] P2 enhancement --- 169372 1 rl03@gentoo.org security@gentoo.org rl03@gentoo.org 2007-03-04 22:45:49 0000 Announcement-ID: PMASA-2007-3 Date: 2007-03-02 Summary: PHP Executor Deep Recursion Stack Overflow Description: Stefan Esser from the Hardened-PHP Project is publishing the Month of PHP Bugs. One of these PHP bugs can be triggered by phpMyAdmin which uses a recursive function in its normal operation. Severity: We consider this vulnerability to be serious. Affected versions: All versions prior to 2.10.0.2. Solution: Upgrade to phpMyAdmin 2.10.0.2 or newer. Note that upgrading phpMyAdmin does not protect a server against an attacker that targets other vulnerable PHP applications. Patches: Patches are available in this tracker:http://sourceforge.net/tracker/index.php?func=detail&aid=1671813&group_id=23067&atid=377408 Reference: http://www.php-security.org/MOPB/MOPB-02-2007.html For further information and in case of questions, please contact the phpMyAdmin team. Our website is http://www.phpmyadmin.net/. rl03@gentoo.org 2007-03-04 22:46:11 0000 2.10.0.2 is in the tree vorlon@gentoo.org 2007-03-05 20:27:32 0000 Thanks Renat arches please test phpMyAdmin 2.10.0.2 and mark stable if possible angelos@gentoo.org 2007-03-05 20:38:57 0000 After creating a database: Warning: require_once(./db_details_structure.php) [function.require-once]: failed to open stream: No such file or directory in /var/www/localhost/htdocs/phpmyadmin/db_create.php on line 42 Selecting a database results in a 404, same with tables, access.log: 127.0.0.1 localhost - [05/Mar/2007:21:38:32 +0100] "GET /phpmyadmin/db_details_structure.php?server=1&db=angelos&table=&lang=de-utf-8&collation_connection=utf8_unicode_ci HTTP/1.1" 404 345 "http://localhost/phpmyadmin/navigation.php?token=f9addbcfe4fc8145f643f8aefd391b97" "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.1.2) Gecko/20070303 Firefox/2.0.0.2" 127.0.0.1 localhost - [05/Mar/2007:21:38:33 +0100] "GET /phpmyadmin/tbl_properties_structure.php?db=angelos&token=f9addbcfe4fc8145f643f8aefd391b97&table=users HTTP/1.1" 404 345 "http://localhost/phpmyadmin/navigation.php?server=1&db=angelos&table=&lang=de-utf-8&collation_connection=utf8_unicode_ci" "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.1.2) Gecko/20070303 Firefox/2.0.0.2" armin76@gentoo.org 2007-03-06 15:46:55 0000 Works for me... x86 stable. corsair@gentoo.org 2007-03-06 18:42:43 0000 works here, too. ppc64 stable angelos@gentoo.org 2007-03-06 22:52:17 0000 Hmm, works after unmerging, removing the old phpmyadmin directory and emerging a new, clean version - simply upgrading didn't work jer@gentoo.org 2007-03-07 03:26:05 0000 Stable for HPPA (killerfox). beandog@gentoo.org 2007-03-08 14:06:39 0000 amd64 stable dertobi123@gentoo.org 2007-03-08 17:32:58 0000 ppc stable gustavoz@gentoo.org 2007-03-08 17:41:54 0000 sparc stable. yoswink@gentoo.org 2007-03-12 09:29:47 0000 Stable on alpha falco@gentoo.org 2007-03-14 00:34:05 0000 i don't know how to handle that kind of bugs that seem to belong to PHP rather that to the applications using PHP. Personnally i tend to think that's a PHP vulnerability. jaervosz@gentoo.org 2007-03-14 07:51:46 0000 This seems like a PHP vuln to me. Upgrading phpmyadmin is only a workaround for phpmyadmin users. falco@gentoo.org 2007-03-15 22:07:17 0000 i fully agree but i don't know in which PHP version this is fixed. BTW i vote NOGLSA since it's a PHP bug jaervosz@gentoo.org 2007-03-16 07:51:33 0000 I agree on the NO GLSA part if we'll have a PHP GLSA. falco@gentoo.org 2007-03-26 22:18:11 0000 then let's close it as soon as the dependent bug 169372 is glsa-sent vorlon@gentoo.org 2007-04-12 15:11:43 0000 agreed on no glsa and updating status accordingly jaervosz@gentoo.org 2007-05-02 12:03:37 0000 Pushing it to enhancement until it can be closed. rl03@gentoo.org 2007-05-28 00:43:23 0000 so what's the deal here? jaervosz@gentoo.org 2007-05-28 06:11:26 0000 Waiting for PHP GLSA to be sent, nothing else I think. falco@gentoo.org 2007-05-30 19:46:13 0000 GLSA 200705-19 was issued a few days ago, closing then.