CVE-2011-2506 Information
Description
setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal array.
References
http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f
http://secunia.com/advisories/45139
http://secunia.com/advisories/45292
http://secunia.com/advisories/45315
http://securityreason.com/securityalert/8306
http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/
http://www.debian.org/security/2011/dsa-2286
http://www.exploit-db.com/exploits/17514/
http://www.mandriva.com/security/advisories?name=MDVSA-2011:124
http://www.openwall.com/lists/oss-security/2011/06/28/2
http://www.openwall.com/lists/oss-security/2011/06/28/6
http://www.openwall.com/lists/oss-security/2011/06/28/8
http://www.openwall.com/lists/oss-security/2011/06/29/11
http://www.osvdb.org/73612
http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php
http://www.securityfocus.com/archive/1/518804/100/0/threaded
http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt