漏洞信息详情
phpMyAdmin共享主机远程信息泄露漏洞
- CNNVD编号:CNNVD-200804-347
- 危害等级: 中危
- CVE编号: CVE-2008-1924
- 漏洞类型: 信息泄露
- 发布时间: 2008-04-23
- 威胁类型: 远程
- 更新时间: 2009-02-20
- 厂 商: phpmyadmin
- 漏洞来源: Cezary Tomczak
漏洞简介
phpMyAdmin是用PHP编写的工具,用于通过WEB管理MySQL。
phpMyAdmin实现上存在未明漏洞。远程攻击者能够访问共享主机的话,就可以通过向phpMyAdmin发送特制的HTTP POST请求导致泄露敏感信息。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
phpMyAdmin phpMyAdmin 2.10.0.1
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.10.0.1
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.7.0-pl2
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.9.0.3
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.10.0.2
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.11.2.2
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.9.2-rc1
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.11.1.1
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.9.1.1
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.11.2.1
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.0
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.0.2
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.0.3
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.0.4
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.0.5
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.1 .2
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.11.4
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.11.5
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.5.4
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.5.5
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.5.5 pl1
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin phpMyAdmin 2.5.5 -rc2
phpMyAdmin phpMyAdmin-2.11.5.2-all-languages.tar.gz
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5.2-all- languages.tar.gz?download
phpMyAdmin
参考网址
来源: BID
名称: 28906
链接:http://www.securityfocus.com/bid/28906
来源: XF
名称: phpmyadmin-unspecified-info-disclosure(41964)
链接:http://xforce.iss.net/xforce/xfdb/41964
来源: www.phpmyadmin.net
链接:http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-3
来源: MANDRIVA
名称: MDVSA-2008:131
链接:http://www.mandriva.com/security/advisories?name=MDVSA-2008:131
来源: VUPEN
名称: ADV-2008-1328
链接:http://www.frsirt.com/english/advisories/2008/1328/references
来源: DEBIAN
名称: DSA-1557
链接:http://www.debian.org/security/2008/dsa-1557
来源: GENTOO
名称: GLSA-200805-02
链接:http://security.gentoo.org/glsa/glsa-200805-02.xml
来源: SECUNIA
名称: 33822
链接:http://secunia.com/advisories/33822
来源: SECUNIA
名称: 32834
链接:http://secunia.com/advisories/32834
来源: SECUNIA
名称: 30816
链接:http://secunia.com/advisories/30816
来源: SECUNIA
名称: 30034
链接:http://secunia.com/advisories/30034
来源: SECUNIA
名称: 29964
链接:http://secunia.com/advisories/29964
来源: SECUNIA
名称: 29944
链接:http://secunia.com/advisories/29944
来源: SUSE
名称: SUSE-SR:2009:003
链接:http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.HTML
来源: SUSE
名称: SUSE-SR:2008:026
链接:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.HTML
受影响实体
- Phpmyadmin Phpmyadmin:2.11.5.1
- Phpmyadmin Phpmyadmin:2.11.6rc1
- Phpmyadmin Phpmyadmin:2.11.5
- Phpmyadmin Phpmyadmin:2.11.4rc1
- Phpmyadmin Phpmyadmin:2.11.4
补丁
暂无
评论