Date:      Sun, 27 Jan 2019 09:19:40 +0000 (UTC)
From:      Matthew Seaman <matthew@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r491330 - head/security/vuxml
Message-ID:  <201901270919.x0R9Jefl071969@repo.freebsd.org>

Author: matthew
Date: Sun Jan 27 09:19:39 2019
New Revision: 491330
URL: https://svnweb.freebsd.org/changeset/ports/491330

Log:
  Document PMASA-2019-1 and PMASA-2019-2 security advisories: Arbitrary
  file disclosure and SQL injection attacks.

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Sun Jan 27 09:03:11 2019	(r491329)
+++ head/security/vuxml/vuln.xml	Sun Jan 27 09:19:39 2019	(r491330)
@@ -58,6 +58,69 @@ Notes:
   * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">;
+  <vuln vid="111aefca-2213-11e9-9c8d-6805ca0b3d42">
+    <topic>phpMyAdmin -- File disclosure and SQL injection</topic>
+    <affects>
+      <package>
+	<name>phpMyAdmin</name>
+	<name>phpMyAdmin-php56</name>
+	<name>phpMyAdmin-php70</name>
+	<name>phpMyAdmin-php71</name>
+	<name>phpMyAdmin-php72</name>
+	<range><lt>4.8.5</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">;
+	<p>The phpMyAdmin development team reports:</p>
+	<blockquote cite="https://www.phpmyadmin.net/security/PMASA-2019-1/">;
+	  <h3>Summary</h3>
+	  <p>Arbitrary file read vulnerability</p>
+	  <h3>Description</h3>
+	  <p>When <code>AllowArbitraryServer</code> configuration set
+	    to <code>true</code>, with the use of a rogue MySQL server,
+	    an attacker can read any file on the server that the web
+	    server's user can access.</p>
+	  <p>phpMyadmin attempts to block the use of <code>LOAD DATA
+	    INFILE</code>, but due to a <a href="https://bugs.php.net/bug.php?id=77496">bug in PHP</a>,
+	    this check is not honored. Additionally, when using the
+	    'mysql' extension, <a href="http://php.net/manual/en/mysql.configuration.php#ini.mysql.allow-local-infile">mysql.allow_local_infile</a>;
+	    is enabled by default. Both of these conditions allow the
+	    attack to occur.</p>
+	  <h3>Severity</h3>
+	  <p>We consider this vulnerability to be critical.</p>
+	  <h3>Mitigation factor</h3>
+	  <p>This attack can be mitigated by setting the
+	    `AllowArbitraryServer` configuration directive to false
+	    (which is the default value).</p>
+	  <h3>Affected Versions</h3>
+	  <p>phpMyAdmin versions from at least 4.0 through 4.8.4 are
+	    affected</p>
+	</blockquote>
+	<blockquote cite="https://www.phpmyadmin.net/security/PMASA-2019-2/">;
+	  <h3>Summary</h3>
+	  <p>SQL injection in Designer feature</p>
+	  <h3>Description</h3>
+	  <p>A vulnerability was reported where a specially crafted
+	    username can be used to trigger an SQL injection attack
+	    through the designer feature.</p>
+	  <h3>Severity</h3>
+	  <p>We consider this vulnerability to be serious.</p>
+	  <h3>Affected Versions</h3>
+	  <p>phpMyAdmin versions from 4.5.0 through 4.8.4 are affected</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <url>https://www.phpmyadmin.net/security/PMASA-2019-1/</url>;
+      <url>https://www.phpmyadmin.net/security/PMASA-2019-2/</url>;
+    </references>
+    <dates>
+      <discovery>2019-01-21</discovery>
+      <entry>2019-01-27</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="7f6146aa-2157-11e9-9ba0-4c72b94353b5">
     <topic>gitea -- multiple vulnerabilities</topic>
     <affects>
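Review bot: the mitigation paragraph quoted from PMASA-2019-1 wraps the directive in backticks (`AllowArbitraryServer`), while the description two paragraphs earlier marks the same name up as `<code>AllowArbitraryServer</code>`; inside the XHTML `<body>` the backticks are rendered literally, so the second occurrence should use `<code>` too for consistent output. The same quoted block also spells the product "phpMyadmin" (lowercase 'a') where every other occurrence in the entry is "phpMyAdmin". The single `<range><lt>4.8.5</lt></range>` is the right conservative choice for both advisories (4.0 through 4.8.4 and 4.5.0 through 4.8.4 are both below 4.8.5). Finally, the `<references>` block only carries the two advisory URLs; if CVE identifiers have been assigned for these advisories, adding `<cvename>` entries would let vuxml consumers match on them.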