phpMyAdmin: CVE-2009-1151: Arbitrary code execution
Bug #387215 reported by
Kenny Millington
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
phpmyadmin (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Dapper |
Fix Released
|
High
|
Unassigned | ||
Hardy |
Fix Released
|
High
|
Unassigned | ||
Intrepid |
Fix Released
|
High
|
Unassigned | ||
Jaunty |
Fix Released
|
High
|
Unassigned | ||
Karmic |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
PoC/Exploit:-
http://
(Dapper definitely vulnerable, not tested others yet.)
Related branches
lp:~ari-tczew/ubuntu/dapper/phpmyadmin/fix-CVE-2009-1151
Rejected
for merging
into
lp:ubuntu/dapper-updates/phpmyadmin
- Ubuntu Security Sponsors Team: Pending requested
-
Diff: 60 lines (+42/-0)3 files modifieddebian/changelog (+13/-0)
debian/patches/051_CVE-2009-1151.dpatch (+28/-0)
debian/patches/series (+1/-0)
Ready for review
for merging
into
lp:ubuntu/dapper/phpmyadmin
- Jamie Strandboge: Approve
-
Diff: 97 lines (+75/-0)4 files modifieddebian/changelog (+27/-0)
debian/patches/050_CVE-2008-1149.patch (+18/-0)
debian/patches/051_CVE-2009-1151.dpatch (+28/-0)
debian/patches/series (+2/-0)
CVE References
visibility: | private → public |
Changed in phpmyadmin (Ubuntu Dapper): | |
status: | New → Confirmed |
importance: | Undecided → High |
Changed in phpmyadmin (Ubuntu Hardy): | |
status: | New → Confirmed |
importance: | Undecided → High |
Changed in phpmyadmin (Ubuntu Intrepid): | |
status: | New → Confirmed |
importance: | Undecided → High |
Changed in phpmyadmin (Ubuntu Jaunty): | |
status: | New → Confirmed |
importance: | Undecided → High |
Changed in phpmyadmin (Ubuntu Karmic): | |
status: | New → Confirmed |
importance: | Undecided → High |
importance: | High → Undecided |
status: | Confirmed → Fix Released |
Changed in phpmyadmin (Ubuntu Hardy): | |
status: | Confirmed → In Progress |
Changed in phpmyadmin (Ubuntu Hardy): | |
status: | In Progress → Fix Committed |
Changed in phpmyadmin (Ubuntu Intrepid): | |
status: | Confirmed → Fix Committed |
Changed in phpmyadmin (Ubuntu Jaunty): | |
status: | Confirmed → Fix Committed |
Changed in phpmyadmin (Ubuntu Dapper): | |
status: | Confirmed → New |
To post a comment you must log in.
Confirmed vulnerable version was:-
Version table: 2.8.1-1~ dapper1 0 gb.archive. ubuntu. com dapper- backports/ universe Packages
4:
500 http://