| author | matthew <matthew@FreeBSD.org> | 2019-01-27 17:19:39 +0800 |
|---|---|---|
| committer | matthew <matthew@FreeBSD.org> | 2019-01-27 17:19:39 +0800 |
| commit | 11faa3afe7717aa68169e19033dbe3d392d6dd26 (patch) | |
| tree | f6988157e18969b5e8e4a8441c71a941a4ad6e09 /security | |
| parent | 597d0da0d308d214152d4dc1c115a043c6449b5a (diff) | |
| download | freebsd-ports-gnome-11faa3afe7717aa68169e19033dbe3d392d6dd26.tar.gz freebsd-ports-gnome-11faa3afe7717aa68169e19033dbe3d392d6dd26.tar.zst freebsd-ports-gnome-11faa3afe7717aa68169e19033dbe3d392d6dd26.zip | |
Document PMASA-2019-1 and PMASA-2019-2 security advisories: Arbitrary
file disclosure and SQL injection attacks.
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln.xml | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 6b634214730b..119bdb619b5c 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml 
@@ -58,6 +58,69 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="111aefca-2213-11e9-9c8d-6805ca0b3d42"> + <topic>phpMyAdmin -- File disclosure and SQL injection</topic> + <affects> + <package> + <name>phpMyAdmin</name> + <name>phpMyAdmin-php56</name> + <name>phpMyAdmin-php70</name> + <name>phpMyAdmin-php71</name> + <name>phpMyAdmin-php72</name> + <range><lt>4.8.5</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The phpMyAdmin development team reports:</p> + <blockquote cite="https://www.phpmyadmin.net/security/PMASA-2019-1/"> + <h3>Summary</h3> + <p>Arbitrary file read vulnerability</p> + <h3>Description</h3> + <p>When <code>AllowArbitraryServer</code> configuration set + to <code>true</code>, with the use of a rogue MySQL server, + an attacker can read any file on the server that the web + server's user can access.</p> + <p>phpMyadmin attempts to block the use of <code>LOAD DATA + INFILE</code>, but due to a <a href="https://bugs.php.net/bug.php?id=77496">bug in PHP</a>, + this check is not honored. Additionally, when using the + 'mysql' extension, <a href="http://php.net/manual/en/mysql.configuration.php#ini.mysql.allow-local-infile">mysql.allow_local_infile</a> + is enabled by default. 
Both of these conditions allow the + attack to occur.</p> + <h3>Severity</h3> + <p>We consider this vulnerability to be critical.</p> + <h3>Mitigation factor</h3> + <p>This attack can be mitigated by setting the + `AllowArbitraryServer` configuration directive to false + (which is the default value).</p> + <h3>Affected Versions</h3> + <p>phpMyAdmin versions from at least 4.0 through 4.8.4 are + affected</p> + </blockquote> + <blockquote cite="https://www.phpmyadmin.net/security/PMASA-2019-2/"> + <h3>Summary</h3> + <p>SQL injection in Designer feature</p> + <h3>Description</h3> + <p>A vulnerability was reported where a specially crafted + username can be used to trigger an SQL injection attack + through the designer feature.</p> + <h3>Severity</h3> + <p>We consider this vulnerability to be serious.</p> + <h3>Affected Versions</h3> + <p>phpMyAdmin versions from 4.5.0 through 4.8.4 are affected</p> + </blockquote> + </body> + </description> + <references> + <url>https://www.phpmyadmin.net/security/PMASA-2019-1/</url> + <url>https://www.phpmyadmin.net/security/PMASA-2019-2/</url> + </references> + <dates> + <discovery>2019-01-21</discovery> + <entry>2019-01-27</entry> + </dates> + </vuln> + <vuln vid="7f6146aa-2157-11e9-9ba0-4c72b94353b5"> <topic>gitea -- multiple vulnerabilities</topic> <affects> |
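Review bot: The "Mitigation factor" paragraph in the PMASA-2019-1 blockquote marks the directive with Markdown backticks (`AllowArbitraryServer`), while the "Description" paragraph a few lines earlier uses <code>AllowArbitraryServer</code>; the body is XHTML, so the backticks will render literally. Change that line to <code>AllowArbitraryServer</code> for consistency with the rest of the entry. The quoted upstream text also reads "phpMyadmin attempts to block" with a lowercase "a"; since the rest of the entry spells it "phpMyAdmin", it is worth correcting in the quote. Otherwise the entry is consistent with what is visible: the single <range><lt>4.8.5</lt></range> covers both advisories' stated affected versions (at least 4.0 through 4.8.4, and 4.5.0 through 4.8.4), both PMASA URLs appear in <references>, and the <entry> date matches the commit date.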