Just saw this in a SANS @RISK advisory email. Those of you running your own phpMyAdmin installs may want to take note:
--Jason

(3) HIGH: phpMyAdmin Remote Variable Overwrite
Affected:
phpMyAdmin version 2.7.0
Description: phpMyAdmin, a PHP-based tool to manage MySQL databases,
contains a remote variable overwrite vulnerability. An attacker can
overwrite the value for "$import_blacklist" variable, which was
originally devised to protect other variables from being overwritten.
By overwriting this variable, an attacker can further overwrite other
important variables such as "$GLOBALS". This can lead to PHP local and
remote file include vulnerabilities that can be exploited to execute
arbitrary PHP code.
Status: phpMyAdmin confirmed, version 2.7.0p1 has been released.
References:
Posting by Stefan Esser
http://archives.neohapsis.com/archiv...5-12/0069.html
Importance of $GLOBALS Variable
http://www.hardened-php.net/index.76.html
phpMyAdmin Fixes
http://www.phpmyadmin.net/home_page/...php?relnotes=0
SecurityFocus BID
http://www.securityfocus.com/bid/15761
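
The weakness the advisory describes is a protective list kept in an ordinary variable that an attacker can overwrite. As an added example (not part of the original post and not phpMyAdmin's code), here is a sketch of a request-variable importer whose deny-list lives in a constant and which writes into an explicit array instead of global scope; every function, constant and sample value is hypothetical.

```php
<?php
// Added illustration, not phpMyAdmin source. All names here are hypothetical.

// Deny-list held in a constant: request data can never reassign it,
// unlike a deny-list kept in an ordinary variable such as $import_blacklist.
const IMPORT_DENY =
    '/^(GLOBALS|_(GET|POST|COOKIE|FILES|SERVER|ENV|REQUEST|SESSION)|import_blacklist)$/';

/**
 * Copy request parameters into $target, refusing protected names.
 * Returns the rejected keys so the caller can log them.
 */
function import_request_vars(array $source, array &$target): array
{
    $rejected = [];
    foreach ($source as $name => $value) {
        $name = (string) $name;

        // Accept plain identifiers only, and never a protected name.
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name)
            || preg_match(IMPORT_DENY, $name)) {
            $rejected[] = $name;
            continue;
        }

        // Never replace a value the application has already set.
        if (array_key_exists($name, $target)) {
            $rejected[] = $name;
            continue;
        }

        $target[$name] = $value;
    }
    return $rejected;
}

// Constructed sample input standing in for $_GET / $_POST.
$request = [
    'db'               => 'test',
    'import_blacklist' => ['x'],
    'GLOBALS'          => ['cfg' => 'overwritten'],
    'cfg'              => 'overwritten',
];
$vars = ['cfg' => 'application default'];

$rejected = import_request_vars($request, $vars);
print_r($vars);     // imported variables
print_r($rejected); // refused keys, worth logging as a probe indicator
```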