-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.1326
        Multiple vulnerabilities have been identified in phpMyAdmin
                                26 May 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           phpMyAdmin
Publisher:         phpMyAdmin
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Cross-site Scripting     -- Remote with User Interaction
                   Access Confidential Data -- Remote with User Interaction
Resolution:        Patch/Upgrade

Original Bulletin:
   https://www.phpmyadmin.net/security/PMASA-2016-14/
   https://www.phpmyadmin.net/security/PMASA-2016-15/
   https://www.phpmyadmin.net/security/PMASA-2016-16/

Comment: This bulletin contains three (3) phpMyAdmin security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

PMASA-2016-14

Announcement-ID: PMASA-2016-14

Date: 2016-05-25

Summary

Sensitive Data in URL GET Query Parameters

Description

Because user SQL queries are part of the URL, sensitive information made as
part of a user query can be exposed by clicking on external links to
attackers monitoring user GET query parameters, or included in the webserver
logs.

Severity

We consider this to be non-critical.

Mitigation factor

Avoid clicking on external links in phpMyAdmin which are not redirected
through the url.php script.

Affected Versions

All versions prior to 4.6.2 are affected.

Solution

Upgrade to phpMyAdmin 4.6.2 or newer or apply the patches listed below.
References

Assigned CVE ids: pending

CWE ids: CWE-661

Patches

The following commits have been made to fix this issue:

11eb574242d2526107366d367ab5585fbe29578f
5fc8020c5ba9cd2e38beb5dfe013faf2103cdf0f
8326aaebe54083d9726e153abdd303a141fe5ad3
59e56bd63a5e023b797d82eb272cd074e3b4bfd1

More information

For further information and in case of questions, please contact the
phpMyAdmin team. Our website is phpmyadmin.net.

- ---

PMASA-2016-15

Announcement-ID: PMASA-2016-15

Date: 2016-05-25

Summary

File Traversal Protection Bypass on Error Reporting

Description

A specially crafted payload could result in the error reporting component
exposing whether an arbitrary file exists on the file system and the size of
that file. The attacker must be able to intercept and modify the user's POST
data and must be able to trigger a JavaScript error to the user.

Severity

We consider this to be non-critical.

Mitigation factor

This attack can be mitigated in affected installations by setting
`$cfg['Servers'][$i]['SendErrorReports'] = 'never';`. Upgrading to a more
recent development commit is suggested.

Affected Versions

Git 'master' development branch. No released version was vulnerable.

Unaffected Versions

All released versions are not affected as they use precalculated data.

Solution

Upgrade to a more recent snapshot or release version.

References

Assigned CVE ids: pending

CWE ids: CWE-661

Patches

The following commits have been made to fix this issue:

d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8

More information

For further information and in case of questions, please contact the
phpMyAdmin team. Our website is phpmyadmin.net.
- ---

PMASA-2016-16

Announcement-ID: PMASA-2016-16

Date: 2016-05-25

Summary

Self XSS

Description

A specially crafted attack could allow special HTML characters to be passed
as URL-encoded values and displayed back as special characters in the page.

Severity

We consider this to be non-critical.

Affected Versions

Versions 4.4.x (prior to 4.4.15.6) and 4.6.x (prior to 4.6.2) are affected.

Solution

Upgrade to phpMyAdmin 4.4.15.6 or 4.6.2 or newer, or apply the patch listed
below.

References

Assigned CVE ids: pending

CWE ids: CWE-661

Patches

The following commits have been made on the 4.6 branch to fix this issue:

b061096abd992801fbbd805ef6ff74e627528780

The following commits have been made on the 4.4 branch to fix this issue:

78e71897be0902eb1d5d3d30a33b4417cd7d4d87

More information

For further information and in case of questions, please contact the
phpMyAdmin team. Our website is phpmyadmin.net.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If you
do not know who that is, please send an email to auscert@auscert.org.au and
we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your
organisation's site policies and procedures. AusCERT takes no responsibility
for consequences which may arise from following or acting on information or
advice contained in this security bulletin.
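PMASA-2016-14 above notes that the SQL a user runs in phpMyAdmin travels in the URL, so it ends up in the webserver's own access log and, when the user follows an external link, in the Referer header logged by the destination site. The script below is an added example, not code from phpMyAdmin or AusCERT: it scans Apache combined-format access logs for that exposure and produces a redacted copy that keeps every other byte of each line. It assumes the query text is carried in a parameter named `sql_query` (treat the name as an assumption and extend `SENSITIVE_PARAMS` for your deployment); the log lines are constructed samples.

```python
"""Find and redact SQL text that phpMyAdmin placed in GET query strings of
webserver access logs, the exposure PMASA-2016-14 describes.

Added example, not phpMyAdmin or AusCERT code.  Assumptions: the log is in
Apache "combined" format, and the query text travels in a parameter named
sql_query (the name phpMyAdmin used for it; treat it as an assumption and
extend SENSITIVE_PARAMS for your deployment).
"""
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Query-string parameters whose values are treated as sensitive.
SENSITIVE_PARAMS = {"sql_query"}

# Apache combined format:
# host ident user [time] "method target proto" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# One key=value pair inside a query string.
_PAIR_RE = re.compile(r'(?P<key>[^&=]+)=(?P<val>[^&]*)')

# Constructed sample lines (not real traffic).  Line 1 is the phpMyAdmin
# server's own log; line 3 is what an external site would record when a
# user follows a link out of a phpMyAdmin result page, with the SQL in the
# Referer header.
SAMPLE_LOG = [
    '10.0.0.5 - - [25/May/2016:10:12:01 +1000] "GET /phpmyadmin/sql.php'
    '?db=crm&table=users&sql_query=SELECT+%2A+FROM+users+WHERE+ssn%3D%27123-45-6789%27'
    ' HTTP/1.1" 200 5123 "http://intranet/phpmyadmin/index.php" "Mozilla/5.0"',
    '10.0.0.5 - - [25/May/2016:10:12:09 +1000] "GET /phpmyadmin/index.php?db=crm'
    ' HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [25/May/2016:10:13:30 +1000] "GET /docs/page.html HTTP/1.1"'
    ' 200 900 "http://intranet/phpmyadmin/sql.php?db=crm&sql_query=SELECT+password+FROM+accounts"'
    ' "Mozilla/5.0"',
]


def sensitive_params(url: str) -> dict:
    """Return the decoded sensitive parameters found in a URL or request target."""
    query = urlsplit(url).query
    return {k: v for k, v in parse_qsl(query, keep_blank_values=True)
            if k in SENSITIVE_PARAMS}


def redact_url(url: str) -> str:
    """Replace the value of each sensitive parameter with [REDACTED].

    Only the matching values change; every other byte of the URL is kept so
    the redacted log line still correlates with other evidence.
    """
    head, sep, rest = url.partition("?")
    if not sep:
        return url
    query, frag_sep, fragment = rest.partition("#")

    def sub(m):
        if unquote_plus(m.group("key")) in SENSITIVE_PARAMS:
            return m.group("key") + "=[REDACTED]"
        return m.group(0)

    return head + "?" + _PAIR_RE.sub(sub, query) + frag_sep + fragment


def scan_log(lines) -> list:
    """Return (line_number, field, params) for each line that carries a
    sensitive value in the request target or in the Referer header."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = LOG_RE.match(line)
        if not m:
            continue  # not combined format; a real tool would report this
        for field in ("target", "referer"):
            found = sensitive_params(m.group(field))
            if found:
                findings.append((n, field, found))
    return findings


def redact_log_line(line: str) -> str:
    """Return the line with sensitive values redacted in both URL fields."""
    m = LOG_RE.match(line)
    if not m:
        return line
    # Right-to-left so the earlier field's offsets stay valid after editing.
    for field in ("referer", "target"):
        start, end = m.span(field)
        line = line[:start] + redact_url(m.group(field)) + line[end:]
    return line


if __name__ == "__main__":
    for n, field, params in scan_log(SAMPLE_LOG):
        print(f"line {n}: SQL exposed in {field}: {params['sql_query']!r}")
    print("\nredacted copy:")
    for line in SAMPLE_LOG:
        print(redact_log_line(line))
```

Running the script on a real log tells you whether the exposure has already happened on your servers (and which queries leaked), while the redaction pass gives you a copy safe to retain or ship to a SIEM; the third sample line shows why the Referer field has to be checked as well as the request target, which is the scenario the advisory's url.php mitigation addresses.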
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at a
later date, it is recommended that the bulletin is retrieved directly from
the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in
the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBV0Zv3H6ZAP0PgtI9AQJMew/+IhCXU/rSiDh38xkeHmwY06BP/KqBB0T6
TfTld0q07Xee81IsTgdJJZssAr7urGtwq8q1px6oQLhC+geybIllgsABf3QYYvVI
5OcnznaGuFP3sMeSVsBMkPMbfBTAAiayDKHSjsL87XrZ0TH32W0jOAccmDWokJ0h
VQj/1QIrK5JVdqpT9mztPPVyDYjJzc+YJxVrt6jQKJpbpGtzOaYLKqfye18l64Is
pNhIQ4rQZflr1BPh6LHblFVNlWZQp+X6AN2IrFppM/CH+NVQ4H4GZbKO2li9aDzZ
ughxE7ZqJf2nch7NJdit2A12OPMuD6Lgem4HPD5nOg/EJtWdZpfSLzxNL20Ddpw9
b6SYJjiC7XYrsRTIdTQbNU0zO60Ep2y+Is/2FRrAUuxJS92EL0pQxRQtkc0QAMEI
xWbxS+7yd9hnGpL/z8sHUqwIXvOAOOkIVw2L1+3orRgZyk/U6phGo3MVR35aeyKK
l8716vff5Lhrr7ZsLoRBmzvI8XMCgjaBz7rIdl7R+pZ5538g9E/AY6hpa2IHp6Ya
yx6yLmwez5U6QG0Wup/qHcv8625sym1w31Z8UYyJn1SPxuYICIRN74DigxLL8U4Y
ZFNERZ5b82q2sc3Z/UAt5Mxl8+4fjtLhlJGHWSmO9f15JMIbAiQWXbeZWDFzeL1w
d+bV4BVVhGM=
=kugF
-----END PGP SIGNATURE-----