Beginning of announcement taken from the website (posted on bugtraq too): There is a vulnerability in phpMyAdmin version 2.5.7. This vulnerability would allow remote user to inject php codes to be executed by eval() function (in file left.php). However, This vulnerability only effect if variable $cfg['LeftFrameLight'] set to FALSE (in file config.inc.php) Reproducible: Always Steps to Reproduce: 1. 2. 3.
Tom -- can you review/patch as necessary?
phpMyAdmin, as distributed by Gentoo, is NOT vulnerable. Gentoo uses a patched version of config.inc.php which does not change the value of $cfg['LeftFrameLight']. Thus the default value of $cfg['LeftFrameLight'] = TRUE is used. Users who have changed this variable themselves will be vulnerable. Please let me know when a patch for 2.5.7 is available -- there's nothing on the website at the moment. Best regards, Tom
patch is out: http://www.phpmyadmin.net/ http://sourceforge.net/forum/forum.php?forum_id=387635 phpMyAdmin 2.5.7-pl1 is released lem9 - 2004-06-30 12:05 This is phpMyAdmin 2.5.7, patch level 1, fixing the vulnerability dated 2004-06-29 released on BUGTRAQ. See Documentation.html, FAQ 8.2.
