| Citazione: |
Announcement-ID: PMASA-2004-3
Date: 2004-11-18
Summary:
Multiple XSS vulnerability were found in phpMyAdmin, that may allow an attacker to conduct Cross-site scripting (XSS) attacks.
Description:
We received a security advisory from Cedric Cochin (netvigilance.com) about those vulnerabilities and we wish to thank him for his work. The vulnerabilities apply to those points:
The logic used to auto-detect the PmaAbsoluteUri parameter can be fooled by adding an extra "/" and a crafted URL.
read_dump.php can be called with a crafted url; using the fact that the zero_rows variable is not sanitized can lead to an attack.
The confirm form (for example after a DROP DATABASE statement) can be used for a XSS attack.
The internal phpMyAdmin parser does not sanitize the error message sent after an error like a punctuation problem.
Severity:
As any of those vulnerabilites can be used for a XSS attack, we consider them to be serious.
Affected versions:
Not all previous versions are affected by all vulnerabilities, but it's safe to say that releases up to and including 2.6.0-pl2 are at risk.
Unaffected versions:
CVS HEAD has been fixed. The upcoming 2.6.0-pl3 release.
Solution:
We strongly advise everyone to upgrade to the next version of phpMyAdmin, which is to be released soon.
References:
http://www.netvigilance.com/advisory0005.htm
For further information and in case of questions, please contact the phpMyAdmin team. Our website is http://www.phpmyadmin.net/. |
Argomenti: 1581
Messaggi: 8758 Risposte: 7185
