ID CVE-2009-4605
Summary scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v[0] parameters, which might allow remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.
References
Vulnerable Configurations
  • phpMyAdmin 2.11.0
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0
  • phpMyAdmin 2.11.9.6
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.6
  • phpMyAdmin 2.11.9.5
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.5
  • phpMyAdmin 2.11.9.4
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.4
  • phpMyAdmin 2.11.9.3
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.3
  • phpMyAdmin 2.11.9.2
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.2
  • phpMyAdmin 2.11.9.1
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.1
  • phpMyAdmin 2.11.9.0
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.0
  • phpMyAdmin 2.11.8.0
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.8.0
  • phpMyAdmin 2.11.7.1
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7.1
  • phpMyAdmin 2.11.7.0
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7.0
  • phpMyAdmin 2.11.6.0
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6.0
  • phpMyAdmin 2.11.5.2
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.2
  • phpMyAdmin 2.11.5.1
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.1
  • phpMyAdmin 2.11.5.0
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.0
  • phpMyAdmin 2.11.4.0
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.4.0
  • phpMyAdmin 2.11.3.0
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3.0
  • phpMyAdmin 2.11.2.2
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.2
  • phpMyAdmin 2.11.2.1
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.1
  • phpMyAdmin 2.11.2.0
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.0
  • phpMyAdmin 2.11.1.1
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.1
  • phpMyAdmin 2.11.1.2
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.2
  • phpMyAdmin 2.11.1.0
    cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.0
CVSS
Base: 5.0 (as of 20-01-2010 - 10:50)
Impact:
Exploitability:
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: NONE
  Integrity: PARTIAL
  Availability: NONE
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2034.NASL
    description Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-7251 phpMyAdmin may create a temporary directory, if the configured directory does not exist yet, with insecure filesystem permissions. - CVE-2008-7252 phpMyAdmin uses predictable filenames for temporary files, which may lead to a local denial of service attack or privilege escalation. - CVE-2009-4605 The setup.php script shipped with phpMyAdmin may unserialize untrusted data, allowing for cross site request forgery.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 45556
    published 2010-04-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45556
    title Debian DSA-2034-1 : phpmyadmin - several vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_PHPMYADMIN-091209.NASL
    description The use of unserialize() on POST data, which could have led to remote code execution (CVE-2009-4605), has been fixed, as well as some minor temporary file issues (CVE-2008-7251, CVE-2008-7252).
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 44044
    published 2010-01-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44044
    title openSUSE Security Update : phpMyAdmin (phpMyAdmin-1801)
  • NASL family CGI abuses
    NASL id PHPMYADMIN_PMASA_2010_3.NASL
    description The setup script included with the version of phpMyAdmin installed on the remote host does not properly sanitize user-supplied input before using it to generate a config file for the application. Submitting a specially crafted POST request can result in arbitrary PHP code injection. A remote attacker could exploit this issue in a cross-site request forgery attack, which could be used to execute arbitrary commands on the system with the privileges of the web server.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 44324
    published 2010-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44324
    title phpMyAdmin setup.php unserialize() Arbitrary PHP Code Execution (PMASA-2010-3)
refmap via4
confirm
debian: DSA-2034
secunia
  • 38211
  • 39503
suse: SUSE-SR:2010:001
vupen: ADV-2010-0910
Last major update 06-05-2010 - 01:52
Published 19-01-2010 - 11:30