GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Wed Jul 12, 2017 5:26 am Post subject: [ GLSA 201707-03 ] phpMyAdmin |
 |
|
Gentoo Linux Security Advisory
Title: phpMyAdmin: Security bypass (GLSA 201707-03)
Severity: normal
Exploitable: remote
Date: 2017-07-08
Updated: 2017-08-06
Bug(s): #614522
ID: 201707-03
Synopsis
A vulnerability in phpMyAdmin might allow remote attackers to
bypass authentication.
Background
phpMyAdmin is a web-based management tool for MySQL databases.
Affected Packages
Package: dev-db/phpmyadmin
Vulnerable: < 4.0.10.20
Vulnerable: < 4.7.0
Unaffected: >= 4.0.10.20
Unaffected: >= 4.7.0
Architectures: All supported architectures
Description
A vulnerability was discovered where the restrictions caused by
“$cfg[‘Servers’][$i][‘AllowNoPassword’] = false” are bypassed
under certain PHP versions. This can lead compromised user accounts, who
have no passwords set, even if the administrator has set
“$cfg[‘Servers’][$i][‘AllowNoPassword’]” to false (which is
the default).
This behavior depends on the PHP version used (it seems PHP 5 is
affected, while PHP 7.0 is not).
Impact
A remote attacker, who only needs to know the username, could bypass
security restrictions and access phpMyAdmin.
Workaround
Set a password for all users.
Resolution
All phpMyAdmin 4.0.x users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose
">=dev-db/phpmyadmin-4.0.10.20:4.0.10.20"
|
All other phpMyAdmin users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/phpmyadmin-4.7.0:4.7.0"
|
References
PMASA-2017-8
Last edited by GLSA on Mon Aug 07, 2017 4:17 am; edited 1 time in total |
|
News & Announcements
