phpMyAdmin security announcement

Announcement-ID: PMASA-2004-3
Summary:
Multiple XSS vulnerabilities were found in phpMyAdmin that may allow an attacker to conduct cross-site scripting (XSS) attacks.

We invite all phpMyAdmin users to install the latest version made available by the developers (2.6.0-pl3).

Description:
We received a security advisory from Cedric Cochin (netvigilance.com) about these vulnerabilities and we wish to thank him for his work. The vulnerabilities concern the following points:

1. The logic used to auto-detect the PmaAbsoluteUri parameter can be fooled by adding an extra "/" and a crafted URL.
2. read_dump.php can be called with a crafted URL; because the zero_rows variable is not sanitized, this can lead to an attack.
3. The confirm form (for example the one shown after a DROP DATABASE statement) can be used for an XSS attack.
4. The internal phpMyAdmin parser does not sanitize the error message sent after an error like a punctuation problem.
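Points 2, 3 and 4 share one root cause: text derived from the request (a URL parameter, a statement the user submitted, or a parser error message that quotes it) is written back into the page without HTML encoding. The PHP below is an added illustration of that pattern and of the usual fix; it is not phpMyAdmin's code, and the function names, the notice markup and the sample inputs are hypothetical and constructed for the example.

```php
<?php
// Added example (not from phpMyAdmin): a message taken from the request is
// reflected into HTML, first unescaped, then HTML-encoded.
declare(strict_types=1);

// Vulnerable pattern: attacker-controlled text is interpolated straight into
// the markup, so "<script>" or a stray quote changes the page structure.
function render_notice_unsafe(string $message): string
{
    return '<div class="notice">' . $message . '</div>';
}

// Hardened pattern: encode every character that can change the HTML context.
// ENT_QUOTES also encodes ' and " so the value is safe inside attributes;
// ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
function render_notice_safe(string $message): string
{
    return '<div class="notice">'
        . htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . '</div>';
}

// Quick check a reviewer can apply to any rendered fragment: after encoding,
// no raw tag or quote characters from the input may survive in the output.
function contains_raw_markup(string $html, string $input): bool
{
    foreach (['<', '>', '"', "'"] as $ch) {
        if (strpos($input, $ch) !== false && strpos($html, $ch . '') !== false) {
            // The wrapper markup itself contains < > " so only compare the
            // inner text between the div tags.
            $inner = substr($html, strlen('<div class="notice">'), -strlen('</div>'));
            if (strpos($inner, $ch) !== false) {
                return true;
            }
        }
    }
    return false;
}

// Constructed sample inputs: a benign status message of the kind the
// advisory's zero_rows variable carries, then two crafted values.
$inputs = [
    'MySQL returned an empty result set (zero rows).',
    '<script>alert(document.cookie)</script>',
    '" onmouseover="alert(1)',
];

foreach ($inputs as $in) {
    $unsafe = render_notice_unsafe($in);
    $safe   = render_notice_safe($in);
    printf("unsafe: %s  [raw markup: %s]\n", $unsafe, contains_raw_markup($unsafe, $in) ? 'yes' : 'no');
    printf("safe:   %s  [raw markup: %s]\n", $safe, contains_raw_markup($safe, $in) ? 'yes' : 'no');
}
```

Run it with `php example.php`: for the two crafted inputs the unsafe renderer reports raw markup, the safe one does not. The same encoding step belongs wherever a SQL statement or a parser error that quotes it is echoed back into a confirmation or error page, which is what points 3 and 4 describe.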

Severity:
As any of these vulnerabilities can be used for an XSS attack, we consider them to be serious.

Affected versions:
Not all previous versions are affected by all vulnerabilities, but it's safe to say that releases up to and including 2.6.0-pl2 are at risk.