Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60770
HistoryApr 28, 2013 - 12:00 a.m.

phpMyAdmin '$GLOBALS' 数组未授权访问漏洞(CVE-2013-3241)

2013-04-2800:00:00
Root
www.seebug.org
24

0.001 Low

EPSS

Percentile

35.8%

JSON

BUGTRAQ ID: 59461
CVE(CAN) ID: CVE-2013-3241

phpmyadmin是MySQL数据库的在线管理工具,主要功能包括在线创建数据表、运行SQL语句、搜索查询数据以及导入导出数据等。

phpMyAdmin 4.0.0-rc3之前版本内的export.php根据POST超全局数组的内容覆盖了全局变量,经过身份验证的远程用户通过特制的请求利用此漏洞注入任意值。

Php script “export.php” line 20:

------------------------[ source code start ]--------------------------------
foreach ($_POST as $one_post_param => $one_post_value) {
    $GLOBALS[$one_post_param] = $one_post_value;
}
 
PMA_Util::checkParameters(array('what', 'export_type'));
------------------------[ source code end ]-----------------------------------

可以看到 遍历覆盖,,
phpMyAdmin < 4.0.0-rc3
厂商补丁:

phpMyAdmin

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.phpmyadmin.net/home_page/security/
https://github.com/phpmyadmin/phpmyadmin/commit/dedd542cdaf1606ca9aa3f6f8f8adb078d8ad549
https://github.com/phpmyadmin/phpmyadmin/commit/ffa720d90a79c1f33cf4c5a33403d09a67b42a66

Related

prion 1
phpmyadmin 1
ubuntucve 1
cve 1
debiancve 1
openvas 2
zdt 1
packetstorm 1
exploitpack 1
nessus 2
securityvulns 1
seebug 1
exploitdb 1
prion
prion
Design/Logic Flaw
2013-04-26 03:34:00
phpmyadmin
phpmyadmin
Global variables overwrite in "export.php".
2013-04-24 00:00:00
ubuntucve
ubuntucve
CVE-2013-3241
2013-04-26 00:00:00
cve
cve
CVE-2013-3241
2013-04-26 03:34:00
debiancve
debiancve
CVE-2013-3241
2013-04-26 03:34:00
openvas
openvas
phpMyAdmin Multiple Security Vulnerabilities - 2 (Apr 2013) - Windows
2017-08-17 00:00:00
phpMyAdmin Multiple Security Vulnerabilities - 2 (Apr 2013) - Linux
2017-08-17 00:00:00
zdt
zdt
phpMyAdmin 3.5.8 and 4.0.0-RC2 - Multiple Vulnerabilities
2013-04-26 00:00:00
packetstorm
packetstorm
phpMyAdmin 3.5.8 / 4.0.0-RC2 Code Execution / LFI / Overwrite
2013-04-25 00:00:00
exploitpack
exploitpack
phpMyAdmin 3.5.84.0.0-RC2 - Multiple Vulnerabilities
2013-04-25 00:00:00
nessus
nessus
phpMyAdmin 3.5.x < 3.5.8.1 / 4.x < 4.0.0-rc3 Multiple Vulnerabilities
2013-07-19 00:00:00
phpMyAdmin 3.5.x < 3.5.8.1 / 4.x < 4.0.0-rc3 Multiple Vulnerabilities (PMASA-2013-2 - PMASA-2013-5
2013-05-02 00:00:00
securityvulns
securityvulns
[waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin
2013-05-06 00:00:00
seebug
seebug
phpMyAdmin 3.5.8 and 4.0.0-RC2 - Multiple Vulnerabilities
2014-07-01 00:00:00
exploitdb
exploitdb
phpMyAdmin 3.5.8/4.0.0-RC2 - Multiple Vulnerabilities
2013-04-25 00:00:00

0.001 Low

EPSS

Percentile

35.8%

JSON
Related for SSV:60770
prion1phpmyadmin1ubuntucve1cve1debiancve1openvas2zdt1packetstorm1exploitpack1nessus2securityvulns1seebug1exploitdb1