Re: [Full-disclosure] phpMyAdmin 3.x Conditional Session Manipulation
- To: full-disclosure@xxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] phpMyAdmin 3.x Conditional Session Manipulation
- From: Henri Salo <henri@xxxxxxx>
- Date: Thu, 4 Aug 2011 09:29:31 +0300
On Sun, Jul 24, 2011 at 06:10:00PM +0200, Mango wrote:
> ###############################################################################
>
> phpMyAdmin 3.x Conditional Session Manipulation
>
> ###############################[ Advisory from ]###############################
>
> ################################[ www.Xxor.se ]################################
>
> Application: phpMyAdmin 3.x
> Patched ver: 3.3.10.3 and 3.4.3.2
> Severity: Low
> Exploitable: Remote
> PMASA ID: PMASA-2011-12
>
>
> ################################[ Description ]################################
>
> If the Swekey extension is activated, a remote attacker can manipulate the
> variables in the global namespace.
>
>
> ####################################[ Fix ]####################################
>
> Upgrade to version 3.3.10.3 or 3.4.3.2.
> Or apply patches available at: http://www.phpmyadmin.net/home_page/security/
>
>
> #################################[ Timeline ]##################################
>
> 2011-07-07 - Reported to vendor
> 2011-07-23 - Patch available
> 2011-07-24 - Disclosed
This issue can be referred to as CVE-2011-2719.
Best regards,
Henri Salo
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/