Bringing MySQL to the web

PMASA-2008-3

Announcement-ID: PMASA-2008-3

Date: 2008-04-22

Updated: 2008-04-27

Summary

File disclosure on shared hosts via a crafted HTTP POST request.

Description

We received an advisory from Cezary Tomczak, and we wish to thank him for his work. It is possible to read the contents of any file that the web server's user can access. The exact mechanism to achieve this won't be disclosed.

Severity

We consider this vulnerability to be serious.

Mitigation factor

If a user can upload on the same host where phpMyAdmin is running, a PHP script that can read files with the rights of the web server's user, the current advisory does not describe an additional threat.

Affected Versions

Versions before 2.11.5.2.

Solution

Upgrade to phpMyAdmin 2.11.5.2 or newer.

References

Cezary Tomczak's advisory

Assigned CVE ids: CVE-2008-1924

CWE ids: CWE-661 CWE-522

Patches

The following commits have been made to fix this issue:

More information

For further information and in case of questions, please contact the phpMyAdmin team. Our website is phpmyadmin.net.