Bug 557307 (CVE-2008-7251, CVE-2008-7252, CVE-2009-4605) - CVE-2008-7251 CVE-2008-7252 CVE-2009-4605 phpMyAdmin 2.x multiple vulnerabilities
Summary: CVE-2008-7251 CVE-2008-7252 CVE-2009-4605 phpMyAdmin 2.x multiple vulnerabili...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2008-7251, CVE-2008-7252, CVE-2009-4605
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL: http://web.nvd.nist.gov/view/vuln/det...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-01-20 23:28 UTC by Vincent Danen
Modified: 2019-09-29 12:33 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-03-29 11:19:30 UTC


Attachments (Terms of Use)

Description Vincent Danen 2010-01-20 23:28:18 UTC
Common Vulnerabilities and Exposures assigned the identifiers CVE-2008-7251, CVE-2008-7252, and CVE-2009-4605 to the following vulnerabilities:

Name: CVE-2008-7251
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7251
Assigned: 20100112
Reference: CONFIRM: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/libraries/File.class.php?r1=11536&r2=11535&pathrev=11536
Reference: CONFIRM: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11536
Reference: CONFIRM: http://www.phpmyadmin.net/home_page/security/PMASA-2010-1.php
Reference: BID:37826
Reference: URL: http://www.securityfocus.com/bid/37826
Reference: SECUNIA:38211
Reference: URL: http://secunia.com/advisories/38211

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a
temporary directory with 0777 permissions, which has unknown impact
and attack vectors.

Name: CVE-2008-7252
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7252
Assigned: 20100112
Reference: CONFIRM: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/libraries/File.class.php?r1=11528&r2=11527&pathrev=11528
Reference: CONFIRM: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11528
Reference: CONFIRM: http://www.phpmyadmin.net/home_page/security/PMASA-2010-2.php
Reference: BID:37826
Reference: URL: http://www.securityfocus.com/bid/37826
Reference: SECUNIA:38211
Reference: URL: http://secunia.com/advisories/38211

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses
predictable filenames for temporary files, which has unknown impact
and attack vectors.


Name: CVE-2009-4605
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4605
Assigned: 20100112
Reference: CONFIRM: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/scripts/setup.php?r1=13149&r2=13148&pathrev=13149
Reference: CONFIRM: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=13149
Reference: CONFIRM: http://www.phpmyadmin.net/home_page/security/PMASA-2010-3.php
Reference: SECUNIA:38211
Reference: URL: http://secunia.com/advisories/38211

scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before
2.11.10 calls the unserialize function on the values of the (1)
configuration and (2) v[0] parameters, which might allow remote
attackers to conduct cross-site request forgery (CSRF) attacks via
unspecified vectors.


Please note that none of these issues affect phpMyAdmin 3.x and as a result Fedora is not affected by these issues.  Current EPEL contains phpMyAdmin 2.11.9 and is affected by these issues.

Comment 1 Robert Scheck 2010-01-21 07:10:33 UTC
Vincent, thanks for pointing me to this.

So if I apply all three diffs as patches to EPEL 4 and 5, we're fine and
secure again?

Comment 2 Vincent Danen 2010-01-21 15:15:57 UTC
Yes, but since EPEL has 2.11.9 and 2.11.10 fixes it, it probably makes more sense to do a version bump to the newer 2.11.10 version.

Comment 3 Robert Scheck 2010-01-21 15:58:54 UTC
Urgs...I didn't realize that something > 2.11.9 has been released at all. Then
an update to the latest version will solve this. I'll prepare that update this 
evening.

Comment 4 Fedora Update System 2010-01-21 20:11:20 UTC
phpMyAdmin-2.11.10-1.el5 has been submitted as an update for Fedora EPEL 5.
http://admin.fedoraproject.org/updates/phpMyAdmin-2.11.10-1.el5

Comment 5 Fedora Update System 2010-01-21 20:11:30 UTC
phpMyAdmin-2.11.10-1.el4 has been submitted as an update for Fedora EPEL 4.
http://admin.fedoraproject.org/updates/phpMyAdmin-2.11.10-1.el4

Comment 6 Fedora Update System 2010-02-09 03:56:18 UTC
phpMyAdmin-2.11.10-1.el4 has been pushed to the Fedora EPEL 4 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 7 Fedora Update System 2010-02-09 03:56:28 UTC
phpMyAdmin-2.11.10-1.el5 has been pushed to the Fedora EPEL 5 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.