Project InfoSponsor & PartnerInstalling ispCPFAQDocumentationDevelopment
Current time: 05-06-2024, 09:19 PM Hello There, Guest! (LoginRegister)

ispCP - Board - Support / ispCP Omega Development Area / Suggestions v / phpMyAdmin update

Post Reply 
phpMyAdmin update
Author Message
Kika Offline
Member
***

Posts: 293
Joined: Feb 2007
Reputation: 8
Post: #1
phpMyAdmin update
http://www.phpmyadmin.net/home_page/secu...ASA-2008-7
Quote:phpMyAdmin security announcement PMASA-2008-7

Announcement-ID: PMASA-2008-7
Date: 2008-09-15
Updated: 2008-09-17 (CVE id)

Summary:
Code execution vulnerability

Description:
We received an advisory from Norman Hippert and we wish to thank him for his work. The server_databases.php script was vulnerable to an attack coming from a user who is already logged-on to phpMyAdmin, where he can execute shell code (if the PHP configuration permits commands like exec).

Severity:
We consider this vulnerability to be serious.

Affected versions:
Versions before 2.11.9.1.

Solution:
Upgrade to phpMyAdmin 2.11.9.1 or newer.
References:

http://fd.the-wildcat.de/pma_e36a091q11.php
http://cve.mitre.org/cgi-bin/cvename.cgi...-2008-4096
In case of questions, please contact the phpMyAdmin team. Our website is http://www.phpmyadmin.net/.
09-19-2008 04:12 PM
Find all posts by this user Quote this message in a reply
Post Reply 


Messages In This Thread
phpMyAdmin update - Kika - 09-19-2008 04:12 PM
RE: phpMyAdmin update - BeNe - 09-19-2008, 04:19 PM
RE: phpMyAdmin update - Kika - 09-19-2008, 04:39 PM

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | isp Control Panel ( ispCP ) | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication