FreeBSD : phpmyadmin -- SQL injection vulnerability (ce2f2ade-e7df-11dc-a701-000bcdc1757a)

Medium Nessus Plugin ID 31377


The remote FreeBSD host is missing a security-related update.


A phpMyAdmin security announcement reports:

phpMyAdmin used the $_REQUEST superglobal as a source for its parameters, instead of $_GET and $_POST. This means that on most servers, a cookie with the same name as one of phpMyAdmin's parameters can interfere.

Another application could set a cookie for the root path '/' with a 'sql_query' name, therefore overriding the user-submitted sql_query because by default, the $_REQUEST superglobal imports first GET, then POST then COOKIE data. Mitigation factor: An attacker must trick the victim into visiting a page on the same web server where he has placed code that creates a malicious cookie.
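The following is an added example, not phpMyAdmin's own code, showing the parameter-lookup pattern the announcement describes beside a hardened replacement that ignores cookie data. The function names getParamVulnerable and getParamHardened and the request values are constructed for the demonstration; $_REQUEST is rebuilt by hand with array_merge to mirror PHP's default GET, then POST, then COOKIE import order.

```php
<?php
// Added example (not phpMyAdmin code): vulnerable and hardened parameter lookup.

// Vulnerable pattern: $_REQUEST merges GET, POST and COOKIE data, so a cookie
// named 'sql_query' can shadow the value the user actually submitted.
function getParamVulnerable(string $name, $default = null)
{
    return isset($_REQUEST[$name]) ? $_REQUEST[$name] : $default;
}

// Hardened pattern: consult only the sources a request parameter is expected
// to arrive from (POST first, then GET) and never the cookie jar.
function getParamHardened(string $name, $default = null)
{
    if (array_key_exists($name, $_POST)) {
        return $_POST[$name];
    }
    if (array_key_exists($name, $_GET)) {
        return $_GET[$name];
    }
    return $default;
}

// Constructed demonstration values standing in for a real request: the user
// sent sql_query via POST, while a foreign cookie of the same name exists
// for path '/'.
$_GET    = [];
$_POST   = ['sql_query' => 'SELECT 1'];
$_COOKIE = ['sql_query' => 'cookie-supplied value'];

// Rebuild $_REQUEST the way PHP does with the default import order
// (GET, then POST, then COOKIE; later sources overwrite earlier ones).
$_REQUEST = array_merge($_GET, $_POST, $_COOKIE);

echo "vulnerable lookup: " . getParamVulnerable('sql_query') . PHP_EOL;
echo "hardened lookup:   " . getParamHardened('sql_query') . PHP_EOL;
```

Run with `php example.php`: the vulnerable lookup returns the cookie-supplied string because the cookie was imported last, while the hardened lookup returns the POSTed query. Reading from explicit superglobals keeps the application's behaviour independent of the server's configured import order, which is the fix the announcement points to.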


Update the affected package.


Plugin Details

Severity: Medium

ID: 31377

File Name: freebsd_pkg_ce2f2adee7df11dca701000bcdc1757a.nasl

Version: $Revision: 1.18 $

Type: local

Published: 2008/03/07

Modified: 2016/12/08

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5.1

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:phpMyAdmin, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2008/03/04

Vulnerability Publication Date: 2008/03/01

Reference Information

CVE: CVE-2008-1149

BID: 28068

CWE: 89, 352