The Community Forums

Interact with an entire community of cPanel & WHM users!

phpMyAdmin 2.x bug

Discussion in 'Database Discussions' started by hicom, Feb 3, 2004.

  1. hicom

    TITLE:
    phpMyAdmin "export.php" Directory Traversal Vulnerability

    SECUNIA ADVISORY ID:
    SA10769

    VERIFY ADVISORY:
    http://www.secunia.com/advisories/10769/

    CRITICAL:
    Moderately critical

    IMPACT:
    Exposure of system information, Exposure of sensitive information

    WHERE:
    From remote

    SOFTWARE:
    phpMyAdmin 2.x

    DESCRIPTION:
    Cedric Cochin has discovered a vulnerability in phpMyAdmin, allowing malicious people to gain knowledge of sensitive information.

    The "export.php" script does not sanitise user input passed to the "what" parameter properly, which can be exploited via classic directory traversal attacks to disclose the content of arbitrary files.

    Example: http://[victim]/export.php?what=../../../[existing_file]

    The vulnerability affects version 2.5.5-pl1 and prior.

    SOLUTION:
    Update to version 2.5.6-rc1. http://www.phpmyadmin.net/home_page/downloads.php
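
For admins who want to check whether an unpatched install was probed, the following added example (not part of the original post or of phpMyAdmin's code) scans web access logs for `export.php` requests whose `what` parameter contains path separators or is not a known export format. The `ALLOWED_WHAT` names, the Common Log Format layout, the sample lines and the function names are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: export format names this install accepts; adjust to your version.
ALLOWED_WHAT = {"sql", "csv", "excel", "latex", "xml"}
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample access-log lines (Common Log Format), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [03/Feb/2004:10:00:01 +0000] "GET /phpMyAdmin/export.php?what=sql&db=shop HTTP/1.1" 200 5120',
    '192.0.2.77 - - [03/Feb/2004:10:00:05 +0000] "GET /phpMyAdmin/export.php?what=../../../placeholder_file HTTP/1.1" 200 812',
    '192.0.2.77 - - [03/Feb/2004:10:00:09 +0000] "GET /phpMyAdmin/export.php?what=%2e%2e%2fplaceholder_file HTTP/1.1" 200 812',
    '192.0.2.10 - - [03/Feb/2004:10:00:12 +0000] "GET /phpMyAdmin/index.php?what=../x HTTP/1.1" 200 100',
]

def fully_decode(value, max_rounds=3):
    """Percent-decode until stable so nested encoding cannot hide separators."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(log_line):
    """Return (reason, decoded_value) for a suspect export.php request, else None."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    target = urlsplit(match.group(1))
    if not target.path.lower().endswith("/export.php"):
        return None
    # parse_qs decodes once; fully_decode canonicalises anything still encoded.
    for raw in parse_qs(target.query, keep_blank_values=True).get("what", []):
        value = fully_decode(raw).replace("\\", "/")
        if ".." in value or "/" in value or "\x00" in value:
            return ("traversal", value)
        if value not in ALLOWED_WHAT:
            return ("unknown_format", value)
    return None

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        print(classify(line), "<-", line.split('"')[1])
```

Access logs record only the query string, so a `what` value sent in a POST body will not show up here; a hit with a 200 status on a version at or below 2.5.5-pl1 is worth following up.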
     