Comment 0 for bug 418692

Revision history for this message
John Keith Hohm (john-hohm) wrote :

Binary package hint: phpmyadmin

The package provides a writable config directory (actually a config.inc.php symlink into /var/lib/phpmyadmin), which enables the vulnerable scripts/setup.php to write exploit code to /var/lib/phpmyadmin/config.inc.php; the webserver will then execute remote code.

The CVE description incorrectly states this only affects 2.11.x and 3.x; 2.8.x is vulnerable and still unpatched in phpMyAdmin SVN. Fortunately the following patch applies pretty cleanly to 2.8.0.3 (cleaned-up patch applied):

http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_9/phpMyAdmin/scripts/setup.php?r1=11514&r2=12301
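A defender-side audit for the layout the comment describes, added here as an example and not part of the bug report or of the phpMyAdmin package: it resolves a config.inc.php symlink, reports whether the directory it points into is writable by the user running the check (run it as the webserver user to get the relevant answer), and separately reports whether scripts/setup.php is still present under the install root. The function names, the paths passed as arguments and the temporary directories in the usage are all assumptions constructed for the example.

```shell
#!/bin/sh
# Added example, not code from the bug report or from phpMyAdmin.
# Audits the condition described in the report: a config.inc.php
# symlink whose target directory the webserver user can write to.

# check_pma_config CONFIG_PATH
# Follows CONFIG_PATH if it is a symlink (absolute or relative) and
# tests whether the target's directory is writable by the current user.
# Returns 0 when it is not writable (safe), 1 when it is writable.
check_pma_config() {
    cfg="$1"
    if [ -L "$cfg" ]; then
        target=$(readlink "$cfg")
        case "$target" in
            /*) ;;                                        # absolute target
            *)  target="$(dirname "$cfg")/$target" ;;     # relative symlink
        esac
    else
        target="$cfg"
    fi
    dir=$(dirname "$target")
    if [ -w "$dir" ]; then
        echo "WRITABLE: $dir can be modified by $(id -un); $cfg could be rewritten"
        return 1
    fi
    echo "ok: $dir is not writable by $(id -un)"
    return 0
}

# check_setup_script PMA_ROOT
# Returns 1 if scripts/setup.php (the script named in the report) is
# still deployed under PMA_ROOT, 0 if it has been removed.
check_setup_script() {
    root="$1"
    if [ -f "$root/scripts/setup.php" ]; then
        echo "PRESENT: $root/scripts/setup.php is still deployed"
        return 1
    fi
    echo "ok: no setup script under $root/scripts"
    return 0
}

# Usage (hypothetical paths; adjust to the real install):
#   check_pma_config /etc/phpmyadmin/config.inc.php
#   check_setup_script /usr/share/phpmyadmin
```

Run it as the account the webserver executes PHP under, since `-w` answers for the invoking user; a result of "ok" when run as root says nothing about the webserver's access.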