Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 67409
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Matthias Geerdsen <vorlon@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 67409 depends on: Show dependency tree
Bug 67409 blocks:
Votes: 0    Show votes for this bug    Vote for this bug

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2004-10-13 09:25 0000 
from release note:

This is patch level 2 of phpMyAdmin 2.6.0, containing a security fix and a few other fixes (see ChangeLog). 
 
Security fix: If PHP is not running in safe mode, a problem in the MIME-based transformation system (with an "external" transformation) allows to execute any command with the privileges of the web server's user.

______

http://secunia.com/advisories/12813/

Critical: Highly critical
Impact:	System access
Where:	From remote
Solution Status:	Vendor Patch

Software:	phpMyAdmin 2.x


Description:
A vulnerability has been reported in phpMyAdmin, which potentially can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a problem in the MIME-based transformation system with "external" transformations. This can be exploited to execute arbitrary commands.

Successful exploitation requires that PHP's safe mode is disabled.

Solution:
Update to version 2.6.0-pl2.
http://www.phpmyadmin.net/home_page/

Provided and/or discovered by:
Reported by vendor.

__________________

twp, please bump the ebuild

------- Comment #1 From Tom Payne (RETIRED) 2004-10-13 16:22:03 0000 ------- 
OK, 2.6.0-pl2 in CVS, 2.6.0 removed. Not heavily tested. I'll close the bug in
a couple of days unless there are reported problems.

------- Comment #2 From Thierry Carrez (RETIRED) 2004-10-14 01:25:44 0000 ------- 
Tom: please don't close the bug, we've still security work to do on it.

It's unclear if the vulnerability affects all phpmyadmin versions or just the 2.6.0 series. Could you look into it ? The stable keywords need is not the same in each case...

------- Comment #3 From Matthias Geerdsen 2004-10-14 02:36:01 0000 ------- 
according to http://www.heise.de/security/news/meldung/52132 (german) all
versions since 2.5 are affected, since the transformation system
(http://www.phpmyadmin.net/documentation/#transformations) has been implemented
there for the first time

------- Comment #4 From Thierry Carrez (RETIRED) 2004-10-14 02:43:13 0000 ------- 
OK, then we need to keyword it stable as in 2.5.7_p1.
Arches, please test and mark dev-db/phpmyadmin-2.6.0_p2 stable

------- Comment #5 From Jochen Maes (RETIRED) 2004-10-14 03:05:58 0000 ------- 
stable on ppc

------- Comment #6 From Guy Martin 2004-10-14 04:38:59 0000 ------- 
Stable on hppa.

------- Comment #7 From Jason Wever (RETIRED) 2004-10-14 20:48:31 0000 ------- 
Stable on sparc

------- Comment #8 From Bryan Østergaard (RETIRED) 2004-10-15 03:36:00 0000 ------- 
Stable on alpha.

------- Comment #9 From Thierry Carrez (RETIRED) 2004-10-16 03:35:59 0000 ------- 
GLSA drafted, blocked by amd64 missing keyword.

------- Comment #10 From Danny van Dyk (RETIRED) 2004-10-16 07:33:17 0000 ------- 
stable on amd64.

------- Comment #11 From Thierry Carrez (RETIRED) 2004-10-18 05:11:45 0000 ------- 
GLSA 200410-14
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug