| Secunia Advisory: | SA29944 | |
| Release Date: | 2008-04-23 | |
| Critical: |  Less critical | |
| Impact: | Exposure of system information Exposure of sensitive information | |
| Where: | From remote | |
| Solution Status: | Vendor Patch | |
| Software: | phpMyAdmin 1.x phpMyAdmin 2.x | |
A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious users to disclose sensitive information.
The vulnerability is caused due to an unspecified error and can be exploited to disclose arbitrary files via a specially crafted HTTP POST request.
Successful exploitation requires a certain level of access e.g. on a shared host.
The vulnerability is reported in all versions prior to 2.11.5.2.
Solution:
Update to version 2.11.5.2.
Provided and/or discovered by:
The vendor credits Cezary Tomczak.
Original Advisory:
PMASA-2008-3:
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-3
資料來源 http://secunia.com/advisories/29944/
全站熱搜
留言列表
