[SECURITY] [DSA 880-1] New phpmyadmin packages fix several vulnerabilities

From: Martin Schulze (joey_at_infodrom.org)
Date: 11/02/05

  • Next message: security-alter_at_hp.com: "[security bulletin] SSRT051029 rev.0 - HP OpenVMS Local Denial of Service (DoS)"
    Date: Wed, 2 Nov 2005 12:13:58 +0100 (CET)
    To: bugtraq@securityfocus.com

    Hash: SHA1

    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 880-1 security@debian.org
    http://www.debian.org/security/ Martin Schulze
    November 2nd, 2005 http://www.debian.org/security/faq
    - --------------------------------------------------------------------------

    Package : phpmyadmin
    Vulnerability : several
    Problem type : remote
    Debian-specific: no
    CVE ID : CVE-2005-2869 CVE-2005-3300 CVE-2005-3301
    BugTraq ID : 15169
    Debian Bug : 328501 335306 335513

    Several cross-site scripting vulnerabilities have been discovered in
    phpmyadmin, a set of PHP-scripts to administrate MySQL over the WWW.
    The Common Vulnerabilities and Exposures project identifies the
    following problems:


        Andreas Kerber and Michal Cihar discovered several cross-site
        scripting vulnerabilities in the error page and in the cookie


        Stefan Esser discovered missing safety checks in grab_globals.php
        that could allow an attacker to induce phpmyadmin to include an
        arbitrary local file.


        Tobias Klein discovered several cross-site scripting
        vulnerabilities that could allow attackers to inject arbitrary
        HTML or client-side scripting.

    The version in the old stable distribution (woody) has probably its
    own flaws and is not easily fixable without a full audit and patch
    session. The easier way is to upgrade it from woody to sarge.

    For the stable distribution (sarge) these problems have been fixed in
    version 2.6.2-3sarge1.

    For the unstable distribution (sid) these problems have been fixed in
    version 2.6.4-pl1-1.

    We recommend that you upgrade your phpmyadmin package.

    Upgrade Instructions
    - --------------------

    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.

    If you are using the apt-get package manager, use the line for
    sources.list as given below:

    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages

    You may use an automated update by adding the resources from the
    footer to the proper configuration.

    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------

      Source archives:

          Size/MD5 checksum: 604 bae6eb2d34ffb43fe84be9086aa140cd
          Size/MD5 checksum: 35138 bcf942cced4b77c6ea237032134b7285
          Size/MD5 checksum: 2654418 05e33121984824c43d94450af3edf267

      Architecture independent components:

          Size/MD5 checksum: 2768208 7dddcca1746dfd9c2493fcbb82d7b882

      These files will probably be moved into the stable distribution on
      its next update.

    - ---------------------------------------------------------------------------------
    For apt-get: deb http://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: debian-security-announce@lists.debian.org
    Package info: `apt-cache show <pkg>' and http://packages.debian.org/>

    Version: GnuPG v1.4.2 (GNU/Linux)

    -----END PGP SIGNATURE-----

  • Next message: security-alter_at_hp.com: "[security bulletin] SSRT051029 rev.0 - HP OpenVMS Local Denial of Service (DoS)"