Description: A logged-in user can be subject of SQL injection through cross site request forgery. Several scripts in phpMyAdmin are vulnerable and the attack can be made through table parameter. Also from Secunia: http://secunia.com/Advisories/33076/
Thanks for the report. Web-apps, please bump.
*** Bug 251281 has been marked as a duplicate of this bug. ***
This is now assigned CVE-2008-5621 and CVE-2008-5622, if someone would like to update the description and alias. Also, CVE-2008-5621 says it is possible to execute arbitrary code; it may be grounds for changing the severity. CVE-2008-5621: Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allows remote attackers to perform unauthorized actions as the administrator via a link or IMG tag to tbl_structure.php with a modified table parameter. NOTE: this can be leveraged to conduct SQL injection attacks and execute arbitrary code. CVE-2008-5622: Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allow remote attackers to conduct SQL injection attacks via unknown vectors related to the table parameter, a different vector than CVE-2008-5621.
CVE-2008-5621 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5621): Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allows remote attackers to perform unauthorized actions as the administrator via a link or IMG tag to tbl_structure.php with a modified table parameter. NOTE: this can be leveraged to conduct SQL injection attacks and execute arbitrary code. CVE-2008-5622 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5622): Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allow remote attackers to conduct SQL injection attacks via unknown vectors related to the table parameter, a different vector than CVE-2008-5621.
dev-db/phpmyadmin-{2.11.9.4,3.1.1} are in the tree. Targets for 2.11.9.4: alpha amd64 hppa ppc ppc64 sparc x86
ppc stable
ppc64 done
sparc stable
amd64 stable
Removing amd64 and adding alpha back to CC. Thanks hparker.
(In reply to comment #5) > dev-db/phpmyadmin-{2.11.9.4,3.1.1} are in the tree. > > Targets for 2.11.9.4: > > alpha amd64 hppa ppc ppc64 sparc x86 Please describe stabilisation targets as category/package-version-revision atoms - combining all the pieces is messy and error prone. Stable for HPPA: =dev-db/phpmyadmin-2.11.9.4
x86 stable
alpha stable
GLSA request already in due to bug 237781 and some others.
GLSA 200903-32