SB2016122915 - Permissions, Privileges, and Access Controls in phpmyadmin (Alpine package)
Published: December 29, 2016
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2016-9849)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=e3226bf79b872494874e7f139d2c88c069c4d60f
- https://git.alpinelinux.org/aports/commit/?id=3c5da8c4643bf2ec21c87b1c68b3ad2c149fc3b9
- https://git.alpinelinux.org/aports/commit/?id=b36b3560d17cde1b9b07e17906ea6b7612b04cce
- https://git.alpinelinux.org/aports/commit/?id=3e72f91bb20ef89058467b81ddaf2c5793af3ec9
- https://git.alpinelinux.org/aports/commit/?id=517afce6b9a2a1a80adab744a77278db53d919f7
- https://git.alpinelinux.org/aports/commit/?id=a35fc5fa306c1b74cf13f5f8a6624b47b0409a82