Bug 169376 - dev-db/phpmyadmin: PHP Executor Deep Recursion Stack Overflow [MOPB]
Bug#: 169376
Product: Gentoo Security
Version: unspecified
Platform: All
OS/Version: Linux
Status: RESOLVED
Severity: enhancement
Priority: P2
Resolution: FIXED
Assigned To: security@gentoo.org
Reported By: rl03@gentoo.org
Component: Vulnerabilities
URL: http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3
Summary: dev-db/phpmyadmin: PHP Executor Deep Recursion Stack Overflow [MOPB]
Keywords:
Status Whiteboard: B3? [noglsa]
Opened: 2007-03-04 22:45 0000

Announcement-ID: PMASA-2007-3
Date: 2007-03-02

Summary:
PHP Executor Deep Recursion Stack Overflow

Description:
Stefan Esser from the Hardened-PHP Project is publishing the Month of PHP Bugs. One of these PHP bugs can be triggered by phpMyAdmin which uses a recursive function in its normal operation.

Severity:
We consider this vulnerability to be serious.

Affected versions:
All versions prior to 2.10.0.2.

Solution:
Upgrade to phpMyAdmin 2.10.0.2 or newer. Note that upgrading phpMyAdmin does not protect a server against an attacker that targets other vulnerable PHP applications.

Patches:
Patches are available in this tracker: http://sourceforge.net/tracker/index.php?func=detail&aid=1671813&group_id=23067&atid=377408

Reference:
http://www.php-security.org/MOPB/MOPB-02-2007.html

For further information and in case of questions, please contact the phpMyAdmin team. Our website is http://www.phpmyadmin.net/.
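The advisory only states that a recursive function in phpMyAdmin's normal operation can push the PHP executor into deep recursion; it does not show the function or the change made in 2.10.0.2. The following is an added illustration of the defensive pattern for that failure mode, written for this bug page and not taken from phpMyAdmin or the patch tracker: a recursive walk over nested data that carries an explicit depth counter and refuses input nested beyond a fixed bound, so that the depth of attacker-shaped input can no longer translate into interpreter stack depth. The function names, the MAX_DEPTH value and the constructed input are assumptions chosen for the example, and the code assumes PHP 7 or newer for the scalar type declarations.

```php
<?php
// Added example, not phpMyAdmin code: a depth-bounded recursive walk.
// MAX_DEPTH is an assumed value chosen for illustration; pick the bound
// from what the application legitimately needs, not from the platform's
// stack size, which varies by build and is not a reliable guard.
const MAX_DEPTH = 100;

/**
 * Count scalar leaves in a nested array. The $depth parameter is the
 * mitigation: each recursive call increments it and the walk is refused
 * once it passes MAX_DEPTH, instead of recursing as deep as the input
 * nests (the deep-recursion failure mode the advisory refers to).
 */
function countLeaves(array $node, int $depth = 0): int
{
    if ($depth > MAX_DEPTH) {
        throw new RuntimeException(
            'nesting deeper than ' . MAX_DEPTH . ' levels rejected'
        );
    }
    $count = 0;
    foreach ($node as $child) {
        if (is_array($child)) {
            $count += countLeaves($child, $depth + 1);
        } else {
            $count++;
        }
    }
    return $count;
}

/**
 * Constructed test input: a chain nested $levels deep with a single
 * leaf at the bottom. Built iteratively so that constructing the input
 * is itself not recursive.
 */
function nestedChain(int $levels): array
{
    $node = ['leaf'];
    for ($i = 0; $i < $levels; $i++) {
        $node = [$node];
    }
    return $node;
}

// Within the bound: the walk completes and reports the single leaf.
echo 'leaves in 50-deep chain: ', countLeaves(nestedChain(50)), PHP_EOL;

// Beyond the bound: the walk is refused with an exception at depth
// MAX_DEPTH + 1 rather than continuing for another ~1900 frames.
try {
    countLeaves(nestedChain(2000));
} catch (RuntimeException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

The point of the example is where the limit lives: the check is on the data's nesting, enforced by the application before each descent, so a rejected request costs one exception rather than a crashed worker. A bound like this is a per-application guard; as the advisory notes, it does nothing for other PHP applications on the same server, which is why the Gentoo discussion below treats the underlying issue as a PHP bug.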
Thanks Renat

arches please test phpMyAdmin 2.10.0.2 and mark stable if possible

After creating a database:
Warning: require_once(./db_details_structure.php) [function.require-once]: failed to open stream: No such file or directory in /var/www/localhost/htdocs/phpmyadmin/db_create.php on line 42
Selecting a database results in a 404, same with tables, access.log:
127.0.0.1 localhost - [05/Mar/2007:21:38:32 +0100] "GET /phpmyadmin/db_details_structure.php?server=1&db=angelos&table=&lang=de-utf-8&collation_connection=utf8_unicode_ci HTTP/1.1" 404 345 "http://localhost/phpmyadmin/navigation.php?token=f9addbcfe4fc8145f643f8aefd391b97" "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.1.2) Gecko/20070303 Firefox/2.0.0.2"
127.0.0.1 localhost - [05/Mar/2007:21:38:33 +0100] "GET /phpmyadmin/tbl_properties_structure.php?db=angelos&token=f9addbcfe4fc8145f643f8aefd391b97&table=users HTTP/1.1" 404 345 "http://localhost/phpmyadmin/navigation.php?server=1&db=angelos&table=&lang=de-utf-8&collation_connection=utf8_unicode_ci" "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.1.2) Gecko/20070303 Firefox/2.0.0.2"

Works for me...

x86 stable.

Works here, too. ppc64 stable

Hmm, works after unmerging, removing the old phpmyadmin directory and emerging a new, clean version - simply upgrading didn't work

Stable for HPPA (killerfox).

I don't know how to handle that kind of bug that seems to belong to PHP rather than to the applications using PHP. Personally I tend to think that's a PHP vulnerability.

This seems like a PHP vuln to me. Upgrading phpmyadmin is only a workaround for phpmyadmin users.

I fully agree but I don't know in which PHP version this is fixed.
BTW I vote NOGLSA since it's a PHP bug

I agree on the NO GLSA part if we'll have a PHP GLSA.

Then let's close it as soon as the dependent bug 169372 is glsa-sent

Agreed on no glsa and updating status accordingly

Pushing it to enhancement until it can be closed.

Waiting for PHP GLSA to be sent, nothing else I think.

GLSA 200705-19 was issued a few days ago, closing then.