Critical phpMyAdmin Vulnerabilities Discovered

A number of bloggers and web site owners use phpMyAdmin for easy database administration. Two critical vulnerabilities have been discovered that could be used to gain full access to the affected server.

Exploits have already been made publicly available, see GNUCITIZEN for an example:

http://172.16.211.10/phpMyAdmin-3.0.1.1//config/
config.inc.php?p=phpinfo();

Description

Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file. Combined with ability to save files on server, this can allow unauthenticated users to execute arbitrary PHP code.

Affected Versions

Vulnerability 1 (PMASA-2009-4.php):

For 2.11.x: versions are not affected.
For 3.x: versions before 3.1.3.2.

Vulnerability 2 (PMASA-2009-3.php)

For 2.11.x: versions before 2.11.9.5.
For 3.x: versions before 3.1.3.1.

Solution

Upgrade to phpMyAdmin 3.1.3.2 or apply latest patches.

• Old WP-Forum Vulnerability Gets Disclosed

If you enjoyed this post, please leave a comment or subscribe to the feed and get future articles delivered to your feed reader.

Copyright 2007. BlogSecurity. All rights reserved

• Home
• About
• Advertise
• BlogSec News
• Contact Us
• WPSCAN