GLSA-201707-03 : phpMyAdmin: Security bypass
Medium Nessus Plugin ID 101334
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201707-03 (phpMyAdmin: Security bypass)
A vulnerability was discovered where the restrictions caused by “$cfg[‘Servers’][$i][‘AllowNoPassword’] = false” are bypassed under certain PHP versions. This can lead compromised user accounts, who have no passwords set, even if the administrator has set “$cfg[‘Servers’][$i][‘AllowNoPassword’]” to false (which is the default).
This behavior depends on the PHP version used (it seems PHP 5 is affected, while PHP 7.0 is not).
A remote attacker, who only needs to know the username, could bypass security restrictions and access phpMyAdmin.
Set a password for all users.
SolutionAll phpMyAdmin 4.0.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=dev-db/phpmyadmin-18.104.22.168:22.214.171.124' All other phpMyAdmin users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=dev-db/phpmyadmin-4.7.0:4.7.0'