CERT-In Advisory CIAD-2010-08
Multiple Vulnerabilities in phpMyAdmin

Original Issue Date: February 08, 2010

Severity Rating: High

System Affected

  • phpMyAdmin versions prior to 2.11.10

Overview

Multiple vulnerabilities have been reported in phpMyAdmin versions prior to 2.11.10. Two of them concern unsafe temporary-file handling on the server (a world-writable temporary directory and predictable temporary file names), which could allow a local user on the server to manipulate files phpMyAdmin writes; the third could allow a remote attacker to conduct cross-site request forgery (CSRF) attacks against the setup script.

Description

1. Temporary Directory Permission Vulnerability
    (CVE-2008-7251)

This vulnerability is caused by libraries/File.class.php in phpMyAdmin creating its temporary directory with 0777 (world-writable) permissions. Any local user on the server can therefore create, replace, or plant symbolic links inside that directory, which could be exploited to modify the files phpMyAdmin writes there.

2. Temporary File Predictable Filename Vulnerability
    (CVE-2008-7252)

This vulnerability is caused by libraries/File.class.php in phpMyAdmin using predictable filenames for its temporary files. An attacker who can guess the name can pre-create or symlink that path before phpMyAdmin writes to it, which could be exploited to manipulate the affected files.
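The following is an added illustration of the bug class behind items 1 and 2 (a world-writable temporary directory plus guessable file names) next to a hardened equivalent. It is example code written for this advisory, not phpMyAdmin's own libraries/File.class.php; the function names, the "tmp" sub-directory and the "upload_<pid>.tmp" naming scheme are assumptions chosen to show the pattern, not the project's actual values.

```php
<?php
// Added example, not phpMyAdmin code. Shows the CVE-2008-7251/7252 pattern
// (0777 directory, predictable name) and a hardened replacement.
// Function names, the 'tmp' sub-directory and the naming scheme are assumed.

// Vulnerable pattern: world-writable directory, predictable file name.
function vulnerableTempFile(string $base): string
{
    $dir = $base . '/tmp';
    if (!is_dir($dir)) {
        // 0777: every local user may create, replace or symlink files here.
        mkdir($dir, 0777, true);
    }
    // Predictable: an attacker can pre-create or symlink this exact path
    // before we write to it and redirect the write to a file of their choice.
    $file = $dir . '/upload_' . getmypid() . '.tmp';
    file_put_contents($file, 'data');
    return $file;
}

// Hardened: private directory, ownership/mode check, random name, and an
// exclusive create ('x' mode = O_CREAT|O_EXCL) that fails if anything,
// including a planted symlink, already exists at the path.
function hardenedTempFile(string $base): string
{
    $dir = $base . '/tmp';
    if (!is_dir($dir) && !mkdir($dir, 0700, true)) {
        throw new RuntimeException("cannot create $dir");
    }
    // Refuse a directory we do not own or that group/others can write to.
    // (The stat check alone is racy; the exclusive open below is the real guard.)
    $st = stat($dir);
    if ($st['uid'] !== getmyuid() || ($st['mode'] & 0022) !== 0) {
        throw new RuntimeException("$dir is not private");
    }
    for ($i = 0; $i < 10; $i++) {
        $file = $dir . '/' . bin2hex(random_bytes(16)) . '.tmp';
        $fh = @fopen($file, 'x');
        if ($fh !== false) {
            chmod($file, 0600);
            fwrite($fh, 'data');
            fclose($fh);
            return $file;
        }
    }
    throw new RuntimeException('could not create a unique temporary file');
}

// Demo on a constructed base directory under the system temp dir.
$base = sys_get_temp_dir() . '/pma_example_' . getmypid();
echo hardenedTempFile($base), PHP_EOL;   // fresh 0700 directory: succeeds

chmod($base . '/tmp', 0777);             // simulate the vulnerable 0777 directory
try {
    hardenedTempFile($base);
} catch (RuntimeException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;   // "... is not private"
}
```

The second call is the check a practitioner wants: a writer that refuses to use a directory others can write to, rather than one that silently trusts whatever is already on disk. Requires PHP 7.0 or later for random_bytes().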

3. Multiple Parameter CSRF Vulnerability (CVE-2009-4605)

This vulnerability is caused by the "scripts/setup.php" script passing the values of the (1) configuration and (2) v[0] request parameters to the "unserialize()" function without any check that the request originated from the setup form itself. A remote attacker who tricks a user with access to the setup script into submitting a crafted form could therefore conduct cross-site request forgery (CSRF) attacks and have attacker-chosen serialized data processed by the script.
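The following is an added example of the handler pattern behind item 3 next to a hardened one. It is written for this advisory and is not phpMyAdmin's scripts/setup.php; the parameter names "configuration" and "token", the session key "csrf_token", and the whitelisted keys "host", "port" and "compress" are assumptions chosen to illustrate the fix (a per-session anti-CSRF token and a data-only decoder instead of unserialize() on request input).

```php
<?php
// Added example, not phpMyAdmin code. Parameter names, session key and the
// whitelisted configuration keys are assumed for illustration.
// Requires PHP 7.3+ (JSON_THROW_ON_ERROR).

// Vulnerable pattern: any cross-site POST is accepted, and its body goes
// straight into unserialize(), so a forged form both bypasses origin checks
// and hands attacker-chosen serialized data to the application.
function vulnerableHandler(array $post): array
{
    $config = unserialize($post['configuration'] ?? '');
    return is_array($config) ? $config : [];
}

// Issue (once per session) an unguessable token the legitimate form echoes back.
function issueToken(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Hardened: constant-time token check bound to the session, then a data-only
// decoder (JSON) with key and type whitelisting instead of unserialize().
function hardenedHandler(array $post, array $session): array
{
    $expected = $session['csrf_token'] ?? '';
    $given    = (string) ($post['token'] ?? '');
    if ($expected === '' || !hash_equals($expected, $given)) {
        throw new RuntimeException('CSRF token missing or invalid');
    }
    $config = json_decode($post['configuration'] ?? '', true, 8, JSON_THROW_ON_ERROR);
    if (!is_array($config)) {
        throw new RuntimeException('configuration must be a JSON object');
    }
    $allowed = ['host' => 'string', 'port' => 'integer', 'compress' => 'boolean'];
    $clean = [];
    foreach ($allowed as $key => $type) {
        if (array_key_exists($key, $config)) {
            if (gettype($config[$key]) !== $type) {
                throw new RuntimeException("bad type for $key");
            }
            $clean[$key] = $config[$key];
        }
    }
    return $clean;
}

// Demo with a constructed session and two constructed requests.
$session = [];
$token = issueToken($session);

// Forged cross-site POST: no token, serialized payload from the attacker's form.
$forged = ['configuration' => 'a:1:{s:4:"host";s:9:"evil.test";}'];
var_dump(vulnerableHandler($forged));          // accepted: ['host' => 'evil.test']
try {
    hardenedHandler($forged, $session);
} catch (RuntimeException | JsonException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;   // "CSRF token missing or invalid"
}

// Legitimate same-origin POST carrying the session token and JSON data.
$good = ['token' => $token, 'configuration' => '{"host":"db.internal","port":3306}'];
var_dump(hardenedHandler($good, $session));   // ['host' => 'db.internal', 'port' => 3306]
```

The token check closes the CSRF vector; replacing unserialize() with a JSON decode plus a whitelist removes the separate risk of feeding attacker-controlled serialized objects to the application at all, which is the safer fix even where a token is present.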

Solution

Upgrade to phpMyAdmin 3.0.0 or 2.11.10.
http://www.phpmyadmin.net/home_page/downloads.php

Vendor Information

phpMyAdmin
http://www.phpmyadmin.net/home_page/downloads.php

References

phpMyAdmin
http://www.phpmyadmin.net/home_page/security/PMASA-2010-1.php
http://www.phpmyadmin.net/home_page/security/PMASA-2010-2.php
http://www.phpmyadmin.net/home_page/security/PMASA-2010-3.php

SecurityFocus
http://www.securityfocus.com/bid/37826/

Secunia
http://secunia.com/advisories/38211/

IBM ISS X-Force
http://xforce.iss.net/xforce/xfdb/55671

VUPEN Security
http://www.vupen.com/english/advisories/2010/0151

SecurityLab
http://en.securitylab.ru/nvd/389930.php

CVE Name
CVE-2008-7251
CVE-2008-7252
CVE-2009-4605

Disclaimer

The information provided herein is on an "as is" basis, without warranty of any kind.

Contact Information

Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003