The branch, master has been updated
       via  a20fe8aefed968b4ce51ac258197e5fa61fbc6a7 (commit)
      from  6f2e601a4540541517e2f44286c4debb69fd48bb (commit)

- Log -----------------------------------------------------------------
commit a20fe8aefed968b4ce51ac258197e5fa61fbc6a7
Author: Michal Čihař <mcihar@novell.com>
Date:   Fri Aug 20 14:03:17 2010 +0200
Add security announcements.
-----------------------------------------------------------------------
Summary of changes:
 templates/security/{PMASA-2009-3 => PMASA-2010-4} | 30 ++++---
 templates/security/PMASA-2010-5                   | 87 +++++++++++++++++++++
 2 files changed, 105 insertions(+), 12 deletions(-)
 copy templates/security/{PMASA-2009-3 => PMASA-2010-4} (51%)
 create mode 100644 templates/security/PMASA-2010-5
diff --git a/templates/security/PMASA-2009-3 b/templates/security/PMASA-2010-4 similarity index 51% copy from templates/security/PMASA-2009-3 copy to templates/security/PMASA-2010-4 index 218cb14..0dd4a22 100644 --- a/templates/security/PMASA-2009-3 +++ b/templates/security/PMASA-2010-4 @@ -1,11 +1,11 @@ <html xmlns:py="http://genshi.edgewall.org/" xmlns:xi="http://www.w3.org/2001/XInclude" py:strip="">
<py:def function="announcement_id"> -PMASA-2009-3 +PMASA-2010-4 </py:def>
<py:def function="announcement_date"> -2009-03-24 +2010-08-20 </py:def>
<py:def function="announcement_summary"> @@ -14,9 +14,9 @@ Insufficient output sanitizing when generating configuration file.
<py:def function="announcement_description"> -Setup script used to generate configuration can be fooled using a crafted POST +The setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file. -Combined with ability to save files on server, this can allow unauthenticated +Combined with the ability to save files on the server, this can allow unauthenticated users to execute arbitrary PHP code. </py:def>
@@ -27,28 +27,34 @@ We consider this vulnerability to be critical.
<py:def function="announcement_mitigation"> Additional steps from administrator are required to actually exploit this -issue (web server writable config directory has to be created). +issue (a web server writable config directory has to be created). </py:def>
<py:def function="announcement_affected"> -For 2.11.x: versions before 2.11.9.5.<br /> -For 3.x: versions before 3.1.3.1.<br /> +For 2.11.x: versions before 2.11.10.1. +</py:def> + +<py:def function="announcement_unaffected"> +Branch 3.x is not affected by this. </py:def>
<py:def function="announcement_solution"> -Upgrade to phpMyAdmin 2.11.9.5 or 3.1.3.1 or apply patch listed below. +Upgrade to phpMyAdmin 2.11.10.1 or apply the patch listed below. </py:def>
-<py:def function="announcement_patches"> -<a href="http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=12301">Revision 12301</a> was applied on all branches. +<py:def function="announcement_commits_2_11"> +30c83acddb58d3bbf940b5f9ec28abf5b235f4d2 </py:def>
<py:def function="announcement_references"> -Thanks to Greg Ose (Neohapsis), who has discovered this issue and reported it to us. +Thanks to Takeshi Terada of Mitsui Bussan Secure Directions, Inc., who has +discovered this issue and reported it to us. See the <a +href="https://sourceforge.net/tracker/?func=detail&aid=3045132&group_id=23... +bug</a> for more details. </py:def>
-<py:def function="announcement_cve">CVE-2009-1151</py:def> +<py:def function="announcement_cve">CVE-2010-3055</py:def>
<xi:include href="_page.tpl" /> </html> diff --git a/templates/security/PMASA-2010-5 b/templates/security/PMASA-2010-5 new file mode 100644 index 0000000..cb7b2bb --- /dev/null +++ b/templates/security/PMASA-2010-5 
@@ -0,0 +1,87 @@ +<html xmlns:py="http://genshi.edgewall.org/" xmlns:xi="http://www.w3.org/2001/XInclude" py:strip=""> + +<py:def function="announcement_id"> +PMASA-2010-5 +</py:def> + +<py:def function="announcement_date"> +2010-08-20 +</py:def> + +<py:def function="announcement_summary"> +Several XSS vulnerabilities were found in the code. +</py:def> + +<py:def function="announcement_description"> +It was possible to conduct a XSS attack using crafted URLs or POST parameters on several pages. +</py:def> + +<py:def function="announcement_severity"> +We consider this vulnerability to be serious. +</py:def> + +<py:def function="announcement_mitigation"> +If the auth_type directive is set to 'config' and the directory is not protected, +these attacks are more likely to succeed; otherwise, an attacker would need to obtain a +valid token via another flaw on the server to be able to exploit these vulnerabilities. +</py:def> + +<py:def function="announcement_affected"> +For 2.11.x: versions before 2.11.10.1 are affected.<br /> +For 3.x: versions before 3.3.5.1 are affected. +</py:def> + +<py:def function="announcement_solution"> +Upgrade to phpMyAdmin 3.3.5.1 or 2.11.10.1 or newer or apply patch listed below. +</py:def> + +<py:def function="announcement_references"> +Thanks to Aung Khant from <a href="http://yehg.net">YGN Ethical Hacker Group, +Myanmar</a> for reporting this issue. See <a +href="http://yehg.net/lab/pr0js/advisories/phpmyadmin/%5Bphpmyadmin-3.3.5%5D_cross... +advisory</a> for more details. After this report the team did audit the code as well +and discovered more issues which are fixed as well. 
+</py:def> + +<py:def function="announcement_cve">CVE-2010-3056</py:def> + +<py:def function="announcement_commits"> +48e909660032ddcbc13172830761e363e7a64d72 +be0f47a93141e2950ad400b8d22a2a98512825c2 +cd205cc55a46e3dc0f8883966f5c854f842e1000 +7dc6cea06522b2d4af50934c983f3967540a4918 +6028221d97efa2a7d56a61ab4c5750d1b2343619 +2a1233b69ccc6c64819c2840ca5277c2dde0b9e0 +fa30188dde357426d339d0d7e29a3969f88d188a +00add5c43f594f80dab6304a5bb35d2e50540d2d +c75e41d5d8cdd9bbc745c8cbe2c16998fda1de0c +533e10213590e7ccd83b98a5cd19ba1c3be119dd +ea3b718fc379c15e773cc2f18ea4c8ccfa9af57b +7f266483b827fb05a4be11663003418c2ef1c878 +5bcd95a42c8ba924d389eafee4d7be80bd4039a3 +6d548f7d449b7d4b796949d10a503484f63eaf82 +d2e0e09e0d402555a6223f0b683fdbfa97821a63 +f273e6cbf6e2eea7367f7ef9c63c97ea55b92ca0 +bf60ec82e948450ae18b9e66c48d27da55ebe860 +59b3b4916b31fa44f31b1e2d243ca7dda012ba37 +</py:def> + +<py:def function="announcement_commits_2_11"> +a7c004d8d4069ca3c7d1c221f37b9cab39e36aaf +8b7f07cd954221f276ab11e2c3d98f18deb2f551 +1fe1aa6c0e2d85bed1343f4be21d672368e0a9c1 +8b8ce64792bb981cefc37a19f29f28f112df1c16 +a4a54da173440d4c5097aececef56c28c14dc52e +c69fca50ee81ff74cda860aad339d4185d32e194 +c910f4c9ec9af876675d96df3fa65d7fc4551cc6 +08e27b89077df26a0f7f0390322bbe80e0437aa1 +110c44a7a3117b94b065742606cc6f7bc05f8cd5 +4951fd1c854d88e22935fd55d342fcb1670dc8e4 +4a50055d52cb1d6ba125b743b0eb422d5549b9c9 +0fd0512c9b7344abad60ab9effb7b7537b2b5d08 +2051a861f8a968dafc297650036cc7e640a18887 +a88dbaf305a44107ffb557e9d93512792744af84 +</py:def> + +<xi:include href="_page.tpl" /> +</html>
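Review bot: In the PMASA-2010-4 hunk starting at @@ -14,9 +14,9 @@, the announcement_summary ("Insufficient output sanitizing when generating configuration file.") and most of the announcement_description are carried over unchanged from PMASA-2009-3, so the two advisories read as the same issue even though they carry different CVEs (CVE-2009-1151 vs CVE-2010-3055) and different fix versions. Consider adding a sentence in the description or references noting that this is a distinct flaw in the same setup script and pointing back to PMASA-2009-3, so readers who already applied the 2009 fix understand they are still affected.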
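Review bot: In the PMASA-2010-4 hunk at @@ -27,28 +27,34 @@, announcement_solution still says "or apply the patch listed below", but the hunk removes the announcement_patches def (the Revision 12301 link) and replaces it with announcement_commits_2_11 containing a bare commit hash; the wording should follow, e.g. "or apply the commit listed below". The unchanged mitigation context "Additional steps from administrator are required" also reads better as "Additional steps from the administrator are required", matching the article added in the changed line "(a web server writable config directory has to be created)".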
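Review bot: In the new PMASA-2010-5 file, announcement_description says only that the issue exists "on several pages", and announcement_summary says "in the code"; an administrator cannot judge exposure from that, so consider naming the affected scripts (the 18 commits in announcement_commits and 14 in announcement_commits_2_11 identify them). Minor wording in the same hunk: "conduct a XSS attack" should be "an XSS attack"; "apply patch listed below" should be "apply the patches listed below" since a list of commits follows; and "the team did audit the code as well and discovered more issues which are fixed as well" repeats "as well" and would read better as "the team also audited the code and fixed further issues it found".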
hooks/post-receive