svn commit: r491330 - head/security/vuxml
Matthew Seaman
matthew at FreeBSD.org
Sun Jan 27 09:19:41 UTC 2019
Author: matthew
Date: Sun Jan 27 09:19:39 2019
New Revision: 491330
URL: https://svnweb.freebsd.org/changeset/ports/491330
Log:
Document PMASA-2019-1 and PMSA-2019-2 security advisories: Arbitrary
file disclosure and SQL injection attacks.
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Sun Jan 27 09:03:11 2019 (r491329)
+++ head/security/vuxml/vuln.xml Sun Jan 27 09:19:39 2019 (r491330)
@@ -58,6 +58,69 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="111aefca-2213-11e9-9c8d-6805ca0b3d42">
+ <topic>phpMyAdmin -- File disclosure and SQL injection</topic>
+ <affects>
+ <package>
+ <name>phpMyAdmin</name>
+ <name>phpMyAdmin-php56</name>
+ <name>phpMyAdmin-php70</name>
+ <name>phpMyAdmin-php71</name>
+ <name>phpMyAdmin-php72</name>
+ <range><lt>4.8.5</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The phpMyAdmin development team reports:</p>
+ <blockquote cite="https://www.phpmyadmin.net/security/PMASA-2019-1/">
+ <h3>Summary</h3>
+ <p>Arbitrary file read vulnerability</p>
+ <h3>Description</h3>
+ <p>When <code>AllowArbitraryServer</code> configuration set
+ to <code>true</code>, with the use of a rogue MySQL server,
+ an attacker can read any file on the server that the web
+ server's user can access.</p>
+ <p>phpMyadmin attempts to block the use of <code>LOAD DATA
+ INFILE</code>, but due to a <a href="https://bugs.php.net/bug.php?id=77496">bug in PHP</a>,
+ this check is not honored. Additionally, when using the
+ 'mysql' extension, <a href="http://php.net/manual/en/mysql.configuration.php#ini.mysql.allow-local-infile">mysql.allow_local_infile</a>
+ is enabled by default. Both of these conditions allow the
+ attack to occur.</p>
+ <h3>Severity</h3>
+ <p>We consider this vulnerability to be critical.</p>
+ <h3>Mitigation factor</h3>
+ <p>This attack can be mitigated by setting the
+ `AllowArbitraryServer` configuration directive to false
+ (which is the default value).</p>
+ <h3>Affected Versions</h3>
+ <p>phpMyAdmin versions from at least 4.0 through 4.8.4 are
+ affected</p>
+ </blockquote>
+ <blockquote cite="https://www.phpmyadmin.net/security/PMASA-2019-2/">
+ <h3>Summary</h3>
+ <p>SQL injection in Designer feature</p>
+ <h3>Description</h3>
+ <p>A vulnerability was reported where a specially crafted
+ username can be used to trigger an SQL injection attack
+ through the designer feature.</p>
+ <h3>Severity</h3>
+ <p>We consider this vulnerability to be serious.</p>
+ <h3>Affected Versions</h3>
+ <p>phpMyAdmin versions from 4.5.0 through 4.8.4 are affected</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://www.phpmyadmin.net/security/PMASA-2019-1/</url>
+ <url>https://www.phpmyadmin.net/security/PMASA-2019-2/</url>
+ </references>
+ <dates>
+ <discovery>2019-01-21</discovery>
+ <entry>2019-01-27</entry>
+ </dates>
+ </vuln>
+
<vuln vid="7f6146aa-2157-11e9-9ba0-4c72b94353b5">
<topic>gitea -- multiple vulnerabilities</topic>
<affects>
More information about the svn-ports-all
mailing list