Summary: | <dev-db/phpmyadmin-3.4.0: multiple vulnerabilities (CVE-2011-{0986,0987}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Marcin Mirosław <bug> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | a3li, web-apps |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.phpmyadmin.net/home_page/news.php | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 350300 |
Description
Marcin Mirosław
2011-02-09 12:33:51 UTC
This appears to be due to http://www.phpmyadmin.net/home_page/security/PMASA-2011-1.php. There is another security release this one a little bit more serious: http://www.phpmyadmin.net/home_page/security/PMASA-2011-2.php Announcement-ID: PMASA-2011-2 SQL query could be executed under another user. Description It was possible to create a bookmark which would be executed unintentionally by other users. Severity We consider this vulnerability to be critical. Mitigation factor To use this vulnerability, phpMyAdmin configuration storage needs to be set up and enabled and bookmarks function needs to be enabled. Affected Versions The 2.11.x and 3.3.x versions are affected. Solution Upgrade to phpMyAdmin 3.3.9.2 or newer (2.11.11.3 or newer for the older family) or apply the related patch listed below. References This issue was found by Michal Čihař. Assigned CVE ids: CVE-2011-0987 CWE ids: CWE-661 CWE-89 I would recommend to skip 3.3.9.1 and go direct to 3.3.9.2 Arches, please test and mark stable: =dev-db/phpmyadmin-3.4.0 Target keywords : "alpha amd64 hppa ppc ppc64 sparc x86" amd64 ok Works perfect on my VPS. amd64 done. Thanks Agostino x86 stable. Thanks Stable for HPPA. alpha/sparc stable ppc/ppc64 stable, last arch done Thanks, everyone. GLSA request filed. CVE-2011-0987 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0987): The PMA_Bookmark_get function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, and 3.3.x before 3.3.9.2, does not properly restrict bookmark queries, which makes it easier for remote authenticated users to trigger another user's execution of a SQL query by creating a bookmark. CVE-2011-0986 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0986): phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the (1) README, (2) ChangeLog, and (3) LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file. This issue was resolved and addressed in GLSA 201201-01 at http://security.gentoo.org/glsa/glsa-201201-01.xml by GLSA coordinator Tim Sammut (underling). |