Vulnerabilities > CVE-2007-1325 - Unspecified vulnerability in PHPmyadmin
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN phpmyadmin
nessus
Summary
The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. NOTE: it could be argued that this vulnerability is caused by a problem in PHP (CVE-2006-1549) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpMyAdmin.
Vulnerable Configurations
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_PHPMYADMIN-3990.NASL description Multiple bugs in phpMyAdmin could lead to cross-site-scripting (XSS) attacks, injection of JavaScript code or to crashing the php interpreter. (CVE-2007-1325,PMASA-2007-1,PMASA-2007-2,PMASA-2007-3,PMASA- 2007-4) last seen 2020-06-01 modified 2020-06-02 plugin id 27397 published 2007-10-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/27397 title openSUSE 10 Security Update : phpMyAdmin (phpMyAdmin-3990) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1370.NASL description Several remote vulnerabilities have been discovered in phpMyAdmin, a program to administrate MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1325 The PMA_ArrayWalkRecursive function in libraries/common.lib.php does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. This issue affects only the stable distribution (Etch). - CVE-2007-1395 Incomplete blacklist vulnerability in index.php allows remote attackers to conduct cross-site scripting (XSS) attacks by injecting arbitrary JavaScript or HTML in a (1) db or (2) table parameter value followed by an uppercase </SCRIPT> end tag, which bypasses the protection against lowercase </script>. This issue affects only the stable distribution (Etch). - CVE-2007-2245 Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML via (1) the fieldkey parameter to browse_foreigners.php or (2) certain input to the PMA_sanitize function. - CVE-2006-6942 Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary HTML or web script via (1) a comment for a table name, as exploited through (a) db_operations.php, (2) the db parameter to (b) db_create.php, (3) the newname parameter to db_operations.php, the (4) query_history_latest, (5) query_history_latest_db, and (6) querydisplay_tab parameters to (c) querywindow.php, and (7) the pos parameter to (d) sql.php. This issue affects only the oldstable distribution (Sarge). - CVE-2006-6944 phpMyAdmin allows remote attackers to bypass Allow/Deny access rules that use IP addresses via false headers. This issue affects only the oldstable distribution (Sarge). last seen 2020-06-01 modified 2020-06-02 plugin id 26031 published 2007-09-14 reporter This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/26031 title Debian DSA-1370-1 : phpmyadmin - several vulnerabilities
References
- http://osvdb.org/36834
- http://osvdb.org/36834
- http://secunia.com/advisories/26733
- http://secunia.com/advisories/26733
- http://sourceforge.net/tracker/index.php?func=detail&aid=1671813&group_id=23067&atid=377408
- http://sourceforge.net/tracker/index.php?func=detail&aid=1671813&group_id=23067&atid=377408
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:199
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:199
- http://www.php.net/ChangeLog-4.php
- http://www.php.net/ChangeLog-4.php
- http://www.php.net/releases/4_4_8.php
- http://www.php.net/releases/4_4_8.php
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3
- http://www.php-security.org/MOPB/MOPB-02-2007.html
- http://www.php-security.org/MOPB/MOPB-02-2007.html
- http://www.securityfocus.com/bid/22841
- http://www.securityfocus.com/bid/22841
- http://www.us.debian.org/security/2007/dsa-1370
- http://www.us.debian.org/security/2007/dsa-1370
- http://www.vupen.com/english/advisories/2007/0831
- http://www.vupen.com/english/advisories/2007/0831