phpMyAdmin: Multiple vulnerabilities
Gentoo Linux Security Advisory
||GLSA 200412-19 / phpmyadmin
||December 19, 2004
||December 19, 2004: 01
All supported architectures
phpMyAdmin contains multiple vulnerabilities which could lead to file
disclosure or command execution.
phpMyAdmin is a tool written in PHP intended to handle the
administration of MySQL databases from a web-browser.
Nicolas Gregoire (exaprobe.com) has discovered two vulnerabilities
that exist only on a webserver where PHP safe_mode is off. These
vulnerabilities could lead to command execution or file disclosure.
On a system where external MIME-based transformations are enabled,
an attacker can insert offensive values in MySQL, which would start a
shell when the data is browsed. On a system where the UploadDir is
enabled, read_dump.php could use the unsanitized sql_localfile variable
to disclose a file.
You can temporarily enable PHP safe_mode or disable external
MIME-based transformation AND disable the UploadDir. But instead, we
strongly advise to update your version to 2.6.1_rc1.
All phpMyAdmin users should upgrade to the latest version:
Code Listing 3.1: Resolution
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/phpmyadmin-2.6.1_rc1"