Red Hat Bugzilla – Bug 557307
CVE-2008-7251 CVE-2008-7252 CVE-2009-4605 phpMyAdmin 2.x multiple vulnerabilities
Last modified: 2015-07-29 08:50:41 EDT
Common Vulnerabilities and Exposures assigned the identifiers CVE-2008-7251, CVE-2008-7252, and CVE-2009-4605 to the following vulnerabilities: Name: CVE-2008-7251 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7251 Assigned: 20100112 Reference: CONFIRM: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/libraries/File.class.php?r1=11536&r2=11535&pathrev=11536 Reference: CONFIRM: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11536 Reference: CONFIRM: http://www.phpmyadmin.net/home_page/security/PMASA-2010-1.php Reference: BID:37826 Reference: URL: http://www.securityfocus.com/bid/37826 Reference: SECUNIA:38211 Reference: URL: http://secunia.com/advisories/38211 libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors. Name: CVE-2008-7252 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7252 Assigned: 20100112 Reference: CONFIRM: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/libraries/File.class.php?r1=11528&r2=11527&pathrev=11528 Reference: CONFIRM: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11528 Reference: CONFIRM: http://www.phpmyadmin.net/home_page/security/PMASA-2010-2.php Reference: BID:37826 Reference: URL: http://www.securityfocus.com/bid/37826 Reference: SECUNIA:38211 Reference: URL: http://secunia.com/advisories/38211 libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors. Name: CVE-2009-4605 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4605 Assigned: 20100112 Reference: CONFIRM: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/scripts/setup.php?r1=13149&r2=13148&pathrev=13149 Reference: CONFIRM: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=13149 Reference: CONFIRM: http://www.phpmyadmin.net/home_page/security/PMASA-2010-3.php Reference: SECUNIA:38211 Reference: URL: http://secunia.com/advisories/38211 scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v[0] parameters, which might allow remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. Please note that none of these issues affect phpMyAdmin 3.x and as a result Fedora is not affected by these issues. Current EPEL contains phpMyAdmin 2.11.9 and is affected by these issues.
Vincent, thanks for pointing me to this. So if I apply all three diffs as patches to EPEL 4 and 5, we're fine and secure again?
Yes, but since EPEL has 2.11.9 and 2.11.10 fixes it, it probably makes more sense to do a version bump to the newer 2.11.10 version.
Urgs...I didn't realize that something > 2.11.9 has been released at all. Then an update to the latest version will solve this. I'll prepare that update this evening.
phpMyAdmin-2.11.10-1.el5 has been submitted as an update for Fedora EPEL 5. http://admin.fedoraproject.org/updates/phpMyAdmin-2.11.10-1.el5
phpMyAdmin-2.11.10-1.el4 has been submitted as an update for Fedora EPEL 4. http://admin.fedoraproject.org/updates/phpMyAdmin-2.11.10-1.el4
phpMyAdmin-2.11.10-1.el4 has been pushed to the Fedora EPEL 4 stable repository. If problems still persist, please make note of it in this bug report.
phpMyAdmin-2.11.10-1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.