Secunia
Login
|
|
|
|
|
|
|
|
|
phpMyAdmin SQL Query Bookmarks Security Bypass
Release Date: 2011-02-14 Views: 2,598
Secunia Advisory SA43324
Where:
From remote
Impact:
Security Bypass,
Solution Status:
Vendor Patch
CVE Reference(s):
Description
A security issue has been reported in phpMyAdmin, which can be exploited by malicious users to bypass certain security restrictions.
The security issue is caused due to an error within the handling of bookmarked SQL queries, which can be exploited to e.g. trick other users into executing unintended bookmarked SQL queries.
Successful exploitation requires that the bookmarks functionality is enabled and the configuration storage is set up and enabled.
The security issue is reported in versions prior to 3.3.9.2 and prior to 2.11.11.3.
Solution:
Update to version 3.3.9.2 or later and 2.11.11.3 or later.
Provided and/or discovered by:
Reported by the vendor.
Original Advisory:
PMASA-2011-2:
http://www.phpmyadmin.net/home_page/security/PMASA-2011-2.php
Deep Links:
Links available to Secunia VIM customers
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com
Subject: phpMyAdmin SQL Query Bookmarks Security Bypass
|
No posts yet |
|
You must be logged in to post a comment. |
