198801 CVE-2007-5976 2007-11-11 12:48 0000 dev-db/phpmyadmin < 2.11.2.2 "db_create.php" persistent XSS and login XSS (CVE-2007-{5976,5977,6100}) 2008-03-06 09:49:28 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://secunia.com/advisories/27630/ B4 [noglsa] P2 minor --- 1 eremini@ntlworld.com security@gentoo.org mysql-bugs@gentoo.org ole+gentoo@ans.pl eremini@ntlworld.com 2007-11-11 12:48:32 0000 When creating a new database, a malicious user can use a client-side Web proxy to place malicious code in the "db" parameter of the POST request. Since db_create.php does not properly sanitize user-supplied input, an administrator could face a persistent XSS attack when the database names are displayed. Sample Exploit Code: db=>%22%27><img%20src%3d%22javascript:alert(%27XSS%27)%22> 2.11.2.1 is now out to fix this issue From ChangeLog - (2.11.2.1) fixed possible SQL injection using database name - (2.11.2.1) fixed possible XSS in database name, thanks to Omer Singer, The DigiTrust Group Latest version in portage is 2.11.1.1, here's a full ChangeLog from that version http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0 rbu@gentoo.org 2007-11-11 13:40:36 0000 Web-apps, please advise. eremini@ntlworld.com 2007-11-18 01:55:35 0000 This is now CVE-2007-5977 and CVE-2007-5976 eremini@ntlworld.com 2007-11-20 18:59:31 0000 2.11.2.2 is now out fixing another XSS issue http://www.nth-dimension.org.uk/pub/NDSA20071119.txt.asc rbu@gentoo.org 2007-11-25 15:20:35 0000 CVE-2007-6100 to the third issue. Web-apps, please bump this package. wrobel@gentoo.org 2007-12-02 15:03:47 0000 Added phpmyadmin-2.11.2.2 to the tree. Targets: alpha amd64 hppa ppc ppc64 sparc x86 corsair@gentoo.org 2007-12-02 18:50:03 0000 ppc64 stable fauli@gentoo.org 2007-12-03 08:16:56 0000 x86 stable beandog@gentoo.org 2007-12-04 02:26:09 0000 amd64 stable jer@gentoo.org 2007-12-04 17:20:22 0000 Stable for HPPA. dertobi123@gentoo.org 2007-12-04 19:23:19 0000 ppc stable armin76@gentoo.org 2007-12-05 12:36:31 0000 alpha/sparc stable wrobel@gentoo.org 2007-12-05 12:47:12 0000 removed insecure version from the tree. webapps done here. py@gentoo.org 2007-12-10 22:04:44 0000 time for vote here. I vote NO. jaervosz@gentoo.org 2008-01-06 18:13:54 0000 I tend to vote YES. jaervosz@gentoo.org 2008-01-06 18:14:30 0000 Bah, wrong bug. Voting NO and closing. pva@gentoo.org 2008-03-06 09:49:28 0000 Does not affect current (2008.0) release. Removing release.