The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

new phpMyAdmin Exploits/Cross Site Scripting

Discussion in 'Database Discussions' started by fizz, Feb 24, 2005.

  1. fizz

    fizz Well-Known Member

    Joined:
    Jan 25, 2002
    Messages:
    202
    Likes Received:
    0
    Trophy Points:
    16
    Maksymilian Arciemowicz has reported some vulnerabilities in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.

    1) Input passed to the "strServer", "cfg[BgcolorOne]", and "strServerChoice" parameters in "select_server.lib.php", the "bgcolor" and "row_no" parameters in "display_tbl_links.lib.php", the "left_font_family" parameter in "theme_left.css.php", and the "right_font_family" parameter in "theme_right.css.php" is not properly sanitised before being returned to users. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

    Successful exploitation requires that "register_globals" is enabled.

    2) Input passed to the "GLOBALS[cfg][ThemePath]" parameter in "phpmyadmin.css.php" and "cfg[Server][extension]" parameter in "database_interface.lib.php" is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources.

    Successful exploitation requires that "register_globals" is enabled and that "magic_quotes_gpc" is disabled.

    The vulnerabilities have been reported in version 2.6.1. Other versions may also be affected.

    It is also possible to disclose the full path to certain scripts by accessing them directly.

    SOLUTION:
    Update to version 2.6.1-pl1.
    http://sourceforge.net/project/showfiles.php?group_id=23067
     
  2. cPanelBilly

    cPanelBilly Guest

    Please note that none of these vulnerabilities affect cPanel servers.
    Saying that there will be a patched version released after we get some more testing done.
     
  3. fizz

    fizz Well-Known Member

    Joined:
    Jan 25, 2002
    Messages:
    202
    Likes Received:
    0
    Trophy Points:
    16
    Thanks Billy, just wanted people to be aware of it. Some people will install phpMyAdmin in a central location such as myadmin.domain.com and do the install manually. People will also enable globals to be more compatible with scripts out there.
     
Loading...

Share This Page