aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMartin Wilke <miwi@FreeBSD.org>2008-09-17 08:41:26 +0000
committerMartin Wilke <miwi@FreeBSD.org>2008-09-17 08:41:26 +0000
commit73b56623913fb8e91111854ec1eccb8bd1cca832 (patch)
tree73870a6f251a549397cd4777e5b7f5f4c1f16ad9
parent0d726571250a8f94e4e906a1206984a780b2bfb7 (diff)
downloadports-73b56623913fb8e91111854ec1eccb8bd1cca832.tar.gz
ports-73b56623913fb8e91111854ec1eccb8bd1cca832.zip
- Document phpmyadmin -- Code execution vulnerability
Approved by: portmgr (secteam blanked)
Notes
Notes: svn path=/head/; revision=220416
-rw-r--r--security/vuxml/vuln.xml30
1 files changed, 30 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 6a38c3f5b61f..37196bf7303f 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,36 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="74bf1594-8493-11dd-bb64-0030843d3802">
+ <topic>phpmyadmin -- Code execution vulnerability</topic>
+ <affects>
+ <package>
+ <name>phpmyadmin</name>
+ <range><lt>2.11.9.1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>A phpMyAdmin security announcement:</p>
+ <blockquote
+ cite="http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-7">
+ <p>The server_databases.php script was vulnerable to an attack coming
+ from a user who is already logged-on to phpMyAdmin, where he can
+ execute shell code (if the PHP configuration permits commands like
+ exec).</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>http://secunia.com/Advisories/31884/</url>
+ <url>http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-7</url>
+ </references>
+ <dates>
+ <discovery>2008-09-15</discovery>
+ <entry>2008-09-17</entry>
+ </dates>
+ </vuln>
+
<vuln vid="9227dcaf-827f-11dd-9cd7-0050568452ac">
<topic>twiki -- Arbitrary code execution in session files</topic>
<affects>