Информационная безопасность
[RU] switch to English


Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:13 июля 2011 г.
Источник:
SecurityVulns ID:11785
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:TUGUX : Tugux CMS 1.2
 FERDOWS : Ferdows CMS Pro 1.1
 FERDOWS : Ferdows CMS 9.0
 PHPMYADMIN : phpMyAdmin 3.3
 PHPMYADMIN : phpMyAdmin 3.4
CVE:CVE-2011-2508 (Directory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in a GLOBALS[mime_map][$meta->name][transformation] parameter.)
 CVE-2011-2507 (libraries/server_synchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly quote regular expressions, which allows remote authenticated users to inject a PCRE e (aka PREG_REPLACE_EVAL) modifier, and consequently execute arbitrary PHP code, by leveraging the ability to modify the SESSION superglobal array.)
 CVE-2011-2506 (setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal array.)
 CVE-2011-2505 (libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted request, related to a "remote variable manipulation vulnerability.")
Оригинальный текстdocumentZDI, ZDI-11-233: Symantec Web Gateway forget.php SQL Injection Vulnerability (13.07.2011)
 documenth_(at)_xxor.se, phpMyAdmin 3.x Multiple Remote Code Executions (13.07.2011)
 documenth_(at)_xxor.se, phpMyAdmin 3.x preg_replace RCE POC (13.07.2011)
 documentrandy_(at)_eidelweiss.info, Tugux CMS 1.2 Multiple vulnerability (BLIND sql & xss) (13.07.2011)
 documentZDI, ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability (13.07.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород