Info

Disclosure

Jul 31, 2001

Discovery

Jul 31, 2001

Dates

Exploit

Jul 31, 2001

Solution

Unknown

Description

phpMyAdmin contains a flaw that may allow a remote malicious user to execute arbitrary commands. The issue arises due to the eval() function not properly checking input within tbl_copy.php which can be exploited by sending a specially crafted URL to the page. It is possible that the flaw may allow remote execution of arbitrary commands within the permissions context of the web server's user and group. This could result in a loss of system integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified
OSVDB: Web Related

Solution

Upgrade to phpMyAdmin version 2.2.0 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround: Comment out the eval() function within tbl_copy.php, as there are no call's made to the eval() function at any point within the script.

Products

phpMyAdmin Development Team	phpMyAdmin	2.0.x
		2.2.0 RC3
		2.2.0 RC2
		2.2.0 RC1
		2.2.0 pre2
		2.2.0 pre1
		2.1.x

References

CVE ID: 2001-1060 (see also: NVD)
Bugtraq ID: 3121
ISS X-Force ID: 6929
Related OSVDB ID: 8401
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-07/0757.html
Vendor URL: http://www.phpmyadmin.net/home_page/

Credit

Carl Livitt - carlagenda-security.co.uk - Agenda Security Services

Direct URL: http://osvdb.org/8400

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

phpMyAdmin Development Team

phpMyAdmin

References

Credit