|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: phpMyAdmin: Jan 24 2017 release 4.6.6, 4.4.15.10, and 4.0.10.19 | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Marcus Meissner <meissner> |
| Component: | Incidents | Assignee: | Christian Wittmer <chris> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | ||
| Priority: | P3 - Medium | CC: | abergmann, astieger |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| Whiteboard: | |||
| Found By: | --- | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Bug Depends on: | 1020489 | ||
| Bug Blocks: | |||
|
Description
Marcus Meissner
2017-01-24 08:14:06 UTC
https://www.phpmyadmin.net/security/PMASA-2017-7/ PMASA-2017-7 Announcement-ID: PMASA-2017-7 Date: 2017-01-24 Summary DOS in replication status Description It was possible to trigger DOS in replication status by specially crafted table name. Severity We consider this to be non critical. Affected Versions All 4.6.x versions (prior to 4.6.6), 4.4.x versions (prior to 4.4.15.10), and 4.0.x versions (prior to 4.0.10.19) are affected. Solution Upgrade to phpMyAdmin 4.6.6, 4.4.15.10, or 4.0.10.19 or newer or apply patch listed below. References Thanks to Emanuel Bronshtein @e3amn2l for reporting this vulnerability. Assigned CVE ids: Not yet assigned CWE ids: CWE-661 Patches The following commits have been made on the 4.6 branch to fix this issue: 96b4f13 The following commits have been made on the 4.4 branch to fix this issue: 4549ebd The following commits have been made on the 4.0 branch to fix this issue: afe8464 https://www.phpmyadmin.net/security/PMASA-2017-6/ PMASA-2017-6 Announcement-ID: PMASA-2017-6 Date: 2017-01-24 Summary SSRF in replication Description For a user with appropriate MySQL privileges it was possible to connect to arbitrary host. Severity We consider this to be non-critical. Mitigation factor The vulnerability is exposed only to MySQL superusers. Affected Versions All 4.6.x versions (prior to 4.6.6), 4.4.x versions (prior to 4.4.15.10), and 4.0.x versions (prior to 4.0.10.19) are affected. Solution Upgrade to phpMyAdmin 4.6.6, 4.4.15.10, or 4.0.10.19 or newer or apply patch listed below. References Thanks to butian_235 for reporting this vulnerability. Assigned CVE ids: Not yet assigned CWE ids: CWE-661 Patches The following commits have been made on the 4.0 branch to fix this issue: f8ad5bd The following commits have been made on the 4.4 branch to fix this issue: ca8edbc The following commits have been made on the 4.6 branch to fix this issue: 695a488 https://www.phpmyadmin.net/security/PMASA-2017-5/ PMASA-2017-5 Announcement-ID: PMASA-2017-5 Date: 2017-01-24 Summary Cookie attribute injection attack Description A vulnerability was found where, under some circumstances, an attacker can inject arbitrary values in the browser cookies. This was incompletely fixed in PMASA-2016-18. Severity We consider this to be non-critical. Mitigation factor Properly configured server which sets PHP_SELF is not affected by this. Affected Versions All 4.6.x versions (prior to 4.6.6) are affected Solution Upgrade to phpMyAdmin 4.6.6 or newer or apply patch listed below. References Assigned CVE ids: Not yet assigned CWE ids: CWE-661 Patches The following commits have been made on the 4.6 branch to fix this issue: 3b6ed1f https://www.phpmyadmin.net/security/PMASA-2017-4/ PMASA-2017-4 Announcement-ID: PMASA-2017-4 Date: 2017-01-24 Summary CSS injection in themes Description It was possible to cause CSS injection in themes by crafted cookie parameters. Severity We consider this to be non critical. Affected Versions All 4.6.x versions (prior to 4.6.6), 4.4.x versions (prior to 4.4.15.10), and 4.0.x versions (prior to 4.0.10.19) are affected. Solution Upgrade to phpMyAdmin 4.6.6, 4.4.15.10, or 4.0.10.19 or newer or apply patch listed below. References Thanks to Emanuel Bronshtein @e3amn2l for reporting this vulnerability. Assigned CVE ids: Not yet assigned CWE ids: CWE-661 Patches The following commits have been made on the 4.0 branch to fix this issue: 8a08162 The following commits have been made on the 4.4 branch to fix this issue: bd3677f The following commits have been made on the 4.6 branch to fix this issue: 3a62476 https://www.phpmyadmin.net/security/PMASA-2017-3/ PMASA-2017-3 Announcement-ID: PMASA-2017-3 Date: 2017-01-24 Summary DOS vulnerabiltiy in table editing Description It was possible to trigger recursive include operation by crafter parameters when editing table data. Severity We consider this to be non critical. Mitigation factor Do not click on deep phpMyAdmin links on third party sites. Affected Versions All 4.6.x versions (prior to 4.6.6), 4.4.x versions (prior to 4.4.15.10), and 4.0.x versions (prior to 4.0.10.19) are affected. Solution Upgrade to phpMyAdmin 4.6.6, 4.4.15.10, or 4.0.10.19 or newer or apply patch listed below. References Thanks to Emanuel Bronshtein @e3amn2l for reporting this vulnerability. Assigned CVE ids: Not yet assigned CWE ids: CWE-661 Patches The following commits have been made on the 4.0 branch to fix this issue: 3d230b6 The following commits have been made on the 4.4 branch to fix this issue: 38f9223 The following commits have been made on the 4.6 branch to fix this issue: a134a01 https://www.phpmyadmin.net/security/PMASA-2017-2/ PMASA-2017-2 Announcement-ID: PMASA-2017-2 Date: 2017-01-24 Summary php-gettext code execution Description The php-gettext library can suffer to code execution. However there is no way to trigger this inside phpMyAdmin. Severity We consider this to be minor. Affected Versions phpMyAdmin is not vulberable, we're just fixing bug in embedded library which can not be exploited within phpMyAdmin. Solution Upgrade to phpMyAdmin 4.6.6, 4.4.15.10, or 4.0.10.19 or newer or apply patch listed below. References The issue in phpMyAdmin codebase was spot by Michal Čihař, the original issue has been fixed in php-gettext in 2015 without issuing CVE. Assigned CVE ids: CVE-2015-8980 CWE ids: CWE-661 Patches The following commits have been made on the 4.6 branch to fix this issue: 4ab34ed The following commits have been made on the 4.4 branch to fix this issue: d63645c The following commits have been made on the 4.0 branch to fix this issue: 4b5f3f9 https://www.phpmyadmin.net/security/PMASA-2017-1/ PMASA-2017-1 Announcement-ID: PMASA-2017-1 Date: 2017-01-24 Summary Open redirect Description It was possible to trick phpMyAdmin to redirect to insecure using special request path. Severity We consider this vulnerability to be non critical. Affected Versions All 4.6.x versions (prior to 4.6.6), 4.4.x versions (prior to 4.4.15.10), and 4.0.x versions (prior to 4.0.10.19) are affected Solution Upgrade to phpMyAdmin 4.6.6, 4.4.15.10, or 4.0.10.19 or newer or apply patch listed below. References Thanks to Emanuel Bronshtein @e3amn2l for reporting this vulnerability. Assigned CVE ids: Not yet assigned CWE ids: CWE-661 Patches The following commits have been made on the 4.6 branch to fix this issue: 4c84070 e37bf40 The following commits have been made on the 4.4 branch to fix this issue: 1e5c0ae The following commits have been made on the 4.0 branch to fix this issue: 7fe97a1 bugbot adjusting priority ongoing work This is an autogenerated message for OBS integration: This bug (1021597) was mentioned in https://build.opensuse.org/request/show/452522 Factory / phpMyAdmin This is an autogenerated message for OBS integration: This bug (1021597) was mentioned in https://build.opensuse.org/request/show/452819 42.1+42.2 / phpMyAdmin release openSUSE-SU-2017:0372-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 1021597 CVE References: CVE-2015-8980,CVE-2016-6621 Sources used: openSUSE Leap 42.2 (src): phpMyAdmin-4.4.15.10-31.2 openSUSE Leap 42.1 (src): phpMyAdmin-4.4.15.10-31.2 CVE assignment for reference completeness. PMASA-2017-1: CVE-2017-1000013 PMASA-2017-2: CVE-2015-8980 PMASA-2017-3: CVE-2017-1000014 PMASA-2017-4: CVE-2017-1000015 PMASA-2017-5: CVE-2017-1000016 PMASA-2017-6: CVE-2017-1000018 PMASA-2017-7: Not yet assigned |