Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 15 Sep 2008 20:50:37 +0200
From: Thijs Kinkhorst <>
Subject: phpMyAdmin code execution (CVE request)

Hi all,

"- (  [security] Code execution vulnerability"

"Welcome to this security update for phpMyAdmin 2.11.9.
Details will follow on"

Attached patch is the fix from upstream. Judging from that (no other 
information is available yet), an authenticated user can supply a crafted 
sort_by parameter to server_databases.php, which will be turned in to 
executed PHP code because it is passed into create_function(). It is present 
at least since 2.9.1.

I would like to have a CVE id to refer to this issue.


View attachment "pma_codeexecution.diff" of type "text/x-diff" (2833 bytes)

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.