Multiple vulnerabilities in phpMyAdmin

Release date:
Updated on:

Affected Systems:
PhpMyAdmin 3.x
Description:
--------------------------------------------------------------------------------
Cve id: CVE-2011-2505, CVE-2011-2506, CVE-2011-2507, CVE-2011-2508

PhpMyAdmin is a PHP tool used to manage MySQL through the WEB.

PhpMyAdmin has multiple implementation vulnerabilities, which can be exploited by malicious users to leak sensitive information and control the affected systems.

1) there is an error in the "Swekey_login ()" function in libraries/auth/swekey. auth. lib. php. It can overwrite session variables and inject and execute arbitrary PHP code;

2) Input to the "PMA_createTargetTables ()" function passed to libraries/server_synchronize.lib.php is not properly filtered before calling the "preg_replace ()" function with the e modifier, attackers can use URL-encoded NULL bytes to execute arbitrary PHP code;

3) input of the "PMA_displayTableBody ()" function passed to libraries/display_tbl.lib.php is not properly filtered before being used to include files. Attackers can use directory traversal sequences to include arbitrary files in local resources.

<* Source: Frans Pehrson

Link: http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php
Http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php
Http://www.phpmyadmin.net/home_page/security/PMASA-2011-7.php
Http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php
Http://secunia.com/advisories/45139/
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

PhpMyAdmin
----------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.phpmyadmin.net/