From ${URL} :

Description

A vulnerability was discovered where the restrictions caused by $cfg['Servers'][$i]['AllowNoPassword'] = false are bypassed under certain PHP versions. This can allow the login of users who have no password set even if the administrator has set $cfg['Servers'][$i]['AllowNoPassword'] to false (which is also the default). This behavior depends on the PHP version used (it seems PHP 5 is affected, while PHP 7.0 is not).

Severity

We consider this vulnerability to be of moderate severity.

Mitigation factor

Set a password for all users.

Affected Versions

Version 4.0 prior to 4.0.10.20
Version 4.4 (no longer supported)
Version 4.6 (no longer supported)
Version 4.7.0-beta1 and 4.7.0-rc1

Solution

Upgrade to phpMyAdmin 4.0.10.20, 4.7.0, or newer or apply patch listed below.

References

This weakness was discovered by phpMyAdmin team member Isaac Bennetch

Assigned CVE ids: Not yet assigned

CWE ids: CWE-661

Patches

The following commits have been made on the 4.0 branch to fix this issue:
b6ca92cc75c8a16001425be7881e73430bcc35b8

The following commits have been made on the 4.7 branch to fix this issue:
7232271a379396ca1d4b083af051262057003c41

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
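The "Set a password for all users" mitigation above, as an added example that is not part of the upstream advisory, this bug, or phpMyAdmin's own code: an audit query for MySQL/MariaDB accounts that would be accepted with an empty password, followed by the remediation. Column and statement names assume MySQL 5.7+ or MariaDB 10.2+ (authentication_string, ALTER USER, DROP USER IF EXISTS); the account 'report'@'localhost' and the secret are placeholders.

```sql
-- Added example, not from the advisory or the bug. Assumes MySQL 5.7+ / MariaDB 10.2+.
-- 1. Find accounts whose stored credential is empty, i.e. the accounts phpMyAdmin
--    could let in without a password while the AllowNoPassword check is bypassed.
--    auth_socket/unix_socket accounts also store an empty string but are not
--    password-less logins, so only password-based plugins are listed.
SELECT User, Host, plugin
FROM mysql.user
WHERE (authentication_string = '' OR authentication_string IS NULL)
  AND plugin IN ('', 'mysql_native_password', 'sha256_password', 'caching_sha2_password')
ORDER BY User, Host;

-- 2. Give every account found a password ('report'@'localhost' and the secret are
--    placeholders). On MySQL 5.6 / MariaDB 10.1 and older, which lack ALTER USER,
--    use: SET PASSWORD FOR 'report'@'localhost' = PASSWORD('...');
ALTER USER 'report'@'localhost' IDENTIFIED BY 'replace-with-a-long-random-secret';

-- 3. An anonymous account (empty user name) cannot meaningfully be given a password
--    and is exactly what the bypass would accept, so drop it instead.
DROP USER IF EXISTS ''@'localhost';
```

Run the SELECT as a privileged account on the server phpMyAdmin connects to; the ALTER/DROP statements are per account, so repeat them for each row returned. Setting a password removes the condition the bypass depends on, independently of the PHP version in use, which is why it works as a stop-gap until the fixed package is installed.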
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8fb4492ee897c4e02d9f5e1928f3176d99530e68

requested keywords: alpha amd64 hppa ppc ppc64 sparc x86

Please add keywords to:
=dev-db/phpmyadmin-4.0.10.20
=dev-db/phpmyadmin-4.7.0
Stable on alpha.
amd64 stable
Stable for HPPA.
x86 stable
ppc ppc64 stable.
sparc stable.

Maintainer(s), please cleanup.

Security, please vote.
(In reply to Agostino Sarubbo from comment #7)
> sparc stable.
>
> Maintainer(s), please cleanup.

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f92854492b08d4acf4a1e12cb9087599974406b9

Done. Thanks to all arch teams for their work.
Arches and Maintainer(s), thank you for your work.

GLSA Vote: Yes

New GLSA Request filed.

Sent an email upstream to find out about a CVE ID for this bug; if there is none, will assist in assigning one.
This issue was resolved and addressed in GLSA 201707-03 at https://security.gentoo.org/glsa/201707-03 by GLSA coordinator Thomas Deutschmann (whissi).
*** Bug 635212 has been marked as a duplicate of this bug. ***