[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

phpMyAdmin 3.x Conditional Session Manipulation

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: phpMyAdmin 3.x Conditional Session Manipulation
From: Mango <h@xxxxxxx>
Date: Sun, 24 Jul 2011 19:13:41 +0200

###############################################################################

                phpMyAdmin 3.x Conditional Session Manipulation
                                
###############################[ Advisory from ]###############################

#########¨¨########¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨##¨¨¨¨¨#########.¨¨¨
¨¨'####:¨¨¨¨:###'¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨:##:¨¨¨¨¨'###¨¨'###.¨
¨¨¨¨'###.¨¨.##'¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨####¨¨¨¨¨¨###¨¨¨¨###¨
¨¨¨¨¨'###..##'¨¨¨######¨¨#####¨¨.#####.¨¨¨..#¨¨¨___¨¨¨¨¨¨:#'##:¨¨¨¨¨###¨¨¨¨###¨
¨¨¨¨¨¨'#####'¨¨¨¨¨'###:¨¨:##'¨.##''¨''##.####¨######.¨¨¨¨#'¨¨##¨¨¨¨¨###¨¨¨.###¨
¨¨¨¨¨¨¨'###:¨¨¨¨¨¨¨¨'##..#'¨¨.##'¨¨¨¨¨'##.¨###''¨'##'¨¨¨:#¨¨¨##:¨¨¨¨########:¨¨
¨¨¨¨¨¨¨.####.¨¨¨¨¨¨¨¨'###'¨¨¨###¨¨¨¨¨¨¨###¨##¨¨¨¨¨¨¨¨¨¨¨#'¨¨¨:##¨¨¨¨###¨¨¨'###.
¨¨¨¨¨¨.##'###.¨¨¨¨¨¨¨¨.##.¨¨¨###¨¨¨¨¨¨¨###¨##¨¨¨¨¨¨¨¨¨¨:########:¨¨¨###¨¨¨¨'###
¨¨¨¨¨.##'¨'###.¨¨¨¨¨¨.#'##.¨¨###¨¨¨¨¨¨¨###¨##¨¨¨¨¨¨¨¨¨¨#'¨¨¨¨¨:##¨¨¨###¨¨¨¨¨###
¨¨¨¨.##'¨¨¨'###.¨¨¨¨.#'¨'##.¨'##¨¨¨¨¨¨.##'¨##¨¨¨¨¨¨¨¨¨:#¨¨¨¨¨¨¨##:¨¨###¨¨¨¨.###
¨¨.###:¨¨¨¨¨:####..##:¨¨¨:###.'##..¨..##'¨.##.¨¨¨¨¨¨¨.##.¨¨¨¨¨.###..###.¨¨.###'
########¨¨¨############¨#######''#####''¨#######¨¨¨#######¨¨¨###############'¨¨

################################[ www.Xxor.se ]################################

Application: phpMyAdmin 3.x
Patched ver: 3.3.10.3 and 3.4.3.2
Severity:    Low
Exploitable: Remote
PMASA ID:    PMASA-2011-12


################################[ Description ]################################

If the Swekey extention is activated a remote attacker can manipulate the
variables in the the global namespace.


####################################[ Fix ]####################################

Upgrade to version 3.3.10.3 or 3.4.3.2.
Or apply patches available at: http://www.phpmyadmin.net/home_page/security/


#################################[ Timeline ]##################################

2011-07-07 - Reported to vendor
2011-07-23 - Patch available
2011-07-24 - Disclosed


###############################################################################

Need to secure a PHP application? Get expert help. Let Xxor AB audit your code.
http://www.xxor.se/services/php-code-audit.php


###############################################################################

Prev by Date: CobraScripts (search_result.php?cid) Remote SQL injection Vulnerability
Next by Date: NGS00042 Patch Notification: Solaris USB configuration descriptor kernel stack overflow
Previous by thread: CobraScripts (search_result.php?cid) Remote SQL injection Vulnerability
Next by thread: NGS00042 Patch Notification: Solaris USB configuration descriptor kernel stack overflow
Index(es):
- Date
- Thread