Ubuntu
phpmyadmin package

security: phpmyadmin in dapper vulnerable to CVE-2009-1151

Bug #418692 reported by John Keith Hohm
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
phpmyadmin (Ubuntu)
Invalid
Undecided
Unassigned
Dapper
Won't Fix
Undecided
Unassigned
Karmic
Invalid
Undecided
Unassigned

Bug Description

Binary package hint: phpmyadmin

The package provides a writable config directory (actually a config.inc.php symlink into /var/lib/phpmyadmin) which enables the vunlerable scripts/setup.php to write exploit code to /var/lib/phpmyadmin/config.inc.php, the webserver will then execute remote code.

The CVE description incorrectly states this only affects 2.11.x and 3.x, 2.8.x is vulnerable and still unpatched in phpmyadmin SVN. Fortunately the following patch applies pretty cleanly to 2.8.0.3 (cleaned-up patch attached):

http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_9/phpMyAdmin/scripts/setup.php?r1=11514&r2=12301

See original description
Revision history for this message
John Keith Hohm (john-hohm) wrote :
description: updated
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Karmic not affected

visibility: private → public
Changed in phpmyadmin (Ubuntu Karmic):
status: New → Invalid
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thank you for using Ubuntu and taking the time to report a bug. This package is in universe and is community supported. If you are able, perhaps you could prepare debdiffs to fix this by following https://wiki.ubuntu.com/SecurityUpdateProcedures.

Changed in phpmyadmin (Ubuntu Dapper):
status: New → Confirmed
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this bug to Ubuntu. dapper has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against dapper is being marked "Won't Fix". Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.

Please feel free to report any other bugs you may find.

Changed in phpmyadmin (Ubuntu Dapper):
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.