icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

phpMyAdmin < 3.1.3.1 'file_path' Parameter Multiple Vulnerabilities (PMASA-2009-1)

High

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The version of phpMyAdmin installed on the remote host fails to sanitize user-supplied input to the 'file_path' parameter of the 'bs_disp_as_mime_type.php' script before using it to read a file and reporting it in dynamically generated HTML. An unauthenticated remote attacker may be able to leverage this issue to read arbitrary files, possibly from third-party hosts, or to inject arbitrary HTTP headers in responses sent to third-party users. In addition, the version of phpMyAdmin is reportedly vulnerable to a number of other flaws.

Solution

Upgrade to version 3.1.3.1 or apply the patch referenced in the project's advisory.