Bug 631824 (CVE-2010-3263)

Summary: CVE-2010-3263 phpMyAdmin (x < v3.3.7): XSS in setup script (PMASA-2010-7)
Product: [Other] Security Response Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: ctatman, mmcgrath, redhat-bugzilla
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-03-21 16:12:50 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 631829    
Bug Blocks:    

Description Jan Lieskovsky 2010-09-08 13:19:09 UTC 
phpMyAdmin (x < v3.3.7) improperly sanitized server name provided to
the setup script. An attacker could use this flaw (under
certain installations) to conduct cross-site scripting
(XSS) attacks (execute arbitrary HTML or scripting code).

References:
[1] http://www.phpmyadmin.net/home_page/security/PMASA-2010-7.php
[2] http://secunia.com/advisories/41210/

Upstream changeset:
[3] http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=73ce5705bd1e0b62060f75702d62f88247ce09dd

Affected versions (from [1]):
For 3.x: versions before 3.3.7 are affected.

Unaffected versions (from [1]):
Branch 2.11.x is not affected by this.

Credit:
Upstream acknowledges Tenable Network Security as original reporter.
Comment 1 Jan Lieskovsky 2010-09-08 13:21:50 UTC 
This issue affects the versions of the phpMyAdmin package, as shipped
with Fedora release of 12 and 13.

Please fix.
Comment 2 Jan Lieskovsky 2010-09-08 13:34:07 UTC 
CVE Request:
[4] http://www.openwall.com/lists/oss-security/2010/09/08/9
Comment 3 Jan Lieskovsky 2010-09-08 13:35:31 UTC 
Created phpMyAdmin tracking bugs for this issue

Affects: fedora-all [bug 631829]
Comment 4 Jan Lieskovsky 2010-09-09 08:12:29 UTC 
CVE identifier of CVE-2010-3263 has been assigned to this issue.
Comment 5 Bill C. Riemers 2010-09-21 20:19:44 UTC 
*** Bug 636273 has been marked as a duplicate of this bug. ***
Comment 6 Robert Scheck 2011-03-21 15:52:51 UTC 
I think this bug report should be closed, shouldn't it?