Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: [Full-disclosure] phpMyAdmin 3.x Conditional Session Manipulation
From: Henri Salo <henri () nerv fi>
Date: Thu, 4 Aug 2011 09:29:31 +0300

On Sun, Jul 24, 2011 at 06:10:00PM +0200, Mango wrote:
###############################################################################

                phpMyAdmin 3.x Conditional Session Manipulation
                              
###############################[ Advisory from ]###############################

#########¨¨########¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨##¨¨¨¨¨#########.¨¨¨
¨¨'####:¨¨¨¨:###'¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨:##:¨¨¨¨¨'###¨¨'###.¨
¨¨¨¨'###.¨¨.##'¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨####¨¨¨¨¨¨###¨¨¨¨###¨
¨¨¨¨¨'###..##'¨¨¨######¨¨#####¨¨.#####.¨¨¨..#¨¨¨___¨¨¨¨¨¨:#'##:¨¨¨¨¨###¨¨¨¨###¨
¨¨¨¨¨¨'#####'¨¨¨¨¨'###:¨¨:##'¨.##''¨''##.####¨######.¨¨¨¨#'¨¨##¨¨¨¨¨###¨¨¨.###¨
¨¨¨¨¨¨¨'###:¨¨¨¨¨¨¨¨'##..#'¨¨.##'¨¨¨¨¨'##.¨###''¨'##'¨¨¨:#¨¨¨##:¨¨¨¨########:¨¨
¨¨¨¨¨¨¨.####.¨¨¨¨¨¨¨¨'###'¨¨¨###¨¨¨¨¨¨¨###¨##¨¨¨¨¨¨¨¨¨¨¨#'¨¨¨:##¨¨¨¨###¨¨¨'###.
¨¨¨¨¨¨.##'###.¨¨¨¨¨¨¨¨.##.¨¨¨###¨¨¨¨¨¨¨###¨##¨¨¨¨¨¨¨¨¨¨:########:¨¨¨###¨¨¨¨'###
¨¨¨¨¨.##'¨'###.¨¨¨¨¨¨.#'##.¨¨###¨¨¨¨¨¨¨###¨##¨¨¨¨¨¨¨¨¨¨#'¨¨¨¨¨:##¨¨¨###¨¨¨¨¨###
¨¨¨¨.##'¨¨¨'###.¨¨¨¨.#'¨'##.¨'##¨¨¨¨¨¨.##'¨##¨¨¨¨¨¨¨¨¨:#¨¨¨¨¨¨¨##:¨¨###¨¨¨¨.###
¨¨.###:¨¨¨¨¨:####..##:¨¨¨:###.'##..¨..##'¨.##.¨¨¨¨¨¨¨.##.¨¨¨¨¨.###..###.¨¨.###'
########¨¨¨############¨#######''#####''¨#######¨¨¨#######¨¨¨###############'¨¨

################################[ www.Xxor.se ]################################

Application: phpMyAdmin 3.x
Patched ver: 3.3.10.3 and 3.4.3.2
Severity:    Low
Exploitable: Remote
PMASA ID:    PMASA-2011-12


################################[ Description ]################################

If the Swekey extention is activated a remote attacker can manipulate the
variables in the the global namespace.


####################################[ Fix ]####################################

Upgrade to version 3.3.10.3 or 3.4.3.2.
Or apply patches available at: http://www.phpmyadmin.net/home_page/security/


#################################[ Timeline ]##################################

2011-07-07 - Reported to vendor
2011-07-23 - Patch available
2011-07-24 - Disclosed

This issue can be refered as CVE-2011-2719.

Best regards,
Henri Salo


  By Date           By Thread  

Current thread:
  • Re: [Full-disclosure] phpMyAdmin 3.x Conditional Session Manipulation Henri Salo (Aug 04)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]