
====================================================================

                           CERT-Renater

               Information Note No. 2015/VULN083
_____________________________________________________________________

DATE                : 15/05/2015

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running phpMyAdmin versions 4 prior to
                      4.0.10.10, 4.2.13.3, 4.3.13.1, 4.4.6.1.

======================================================================
http://www.phpmyadmin.net/home_page/security/PMASA-2015-2.php
http://www.phpmyadmin.net/home_page/security/PMASA-2015-3.php
______________________________________________________________________

PMASA-2015-2

Announcement-ID: PMASA-2015-2

Date: 2015-05-13


Summary

XSRF/CSRF vulnerability in phpMyAdmin setup.


Description

By deceiving a user into clicking a crafted URL, it is possible to alter
the configuration file generated by phpMyAdmin setup.


Severity

We consider this vulnerability to be non critical.


Mitigation factor

This vulnerability only affects the configuration file generation
process and does not affect the effective configuration file. Moreover,
the configuration file being generated is at risk only during the
period when it's writable.
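The weakness the advisory classifies as CWE-352 is a state-changing request that the setup script accepts without proof that the user meant to send it. The following is an added example, not phpMyAdmin code, of the usual synchronizer-token defence for a form that writes configuration: the handler names (handle_vulnerable, handle_hardened, generate_csrf_token, verify_csrf_token), the $config_path value and the field names are assumptions for the illustration, and PHP 7 or newer is assumed for random_bytes() and hash_equals().

```php
<?php
// Added example (not phpMyAdmin's own code): synchronizer-token CSRF
// protection for a setup form that appends to a generated config file.
// Function names, field names and the path below are hypothetical.
declare(strict_types=1);

session_start();

/** Return the per-session token, creating it on first use. */
function generate_csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        // 32 random bytes from the CSPRNG, hex-encoded for the hidden field.
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

/** Compare the submitted token with the session token in constant time. */
function verify_csrf_token(?string $submitted): bool
{
    if ($submitted === null || empty($_SESSION['csrf_token'])) {
        return false;
    }
    return hash_equals($_SESSION['csrf_token'], $submitted);
}

/** Write one server setting into the generated configuration file. */
function write_setting(string $config_path, string $host): void
{
    // var_export() produces a quoted PHP literal, so the value cannot
    // break out of the string when the file is later included.
    $line = "\$cfg['Servers'][1]['host'] = " . var_export($host, true) . ";\n";
    file_put_contents($config_path, $line, FILE_APPEND | LOCK_EX);
}

/** Vulnerable pattern: any request, including a GET reached through a
 *  crafted link, changes the file. Shown only to contrast with the fix. */
function handle_vulnerable(array $params, string $config_path): void
{
    write_setting($config_path, (string) ($params['host'] ?? ''));
}

/** Hardened pattern: require POST and a valid per-session token first. */
function handle_hardened(string $method, array $params, string $config_path): bool
{
    if ($method !== 'POST' || !verify_csrf_token($params['token'] ?? null)) {
        http_response_code(403);   // reject silently-forged requests
        return false;
    }
    write_setting($config_path, (string) ($params['host'] ?? ''));
    return true;
}

// Render the form with the token embedded as a hidden field.
$token = generate_csrf_token();
echo '<form method="post" action="setup.php">', "\n";
echo '  <input type="hidden" name="token" value="',
     htmlspecialchars($token, ENT_QUOTES, 'UTF-8'), '">', "\n";
echo '  <input name="host" value="localhost"> <button>Save</button>', "\n";
echo '</form>', "\n";

// Process a submission (hypothetical path; the real setup writes elsewhere).
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    handle_hardened('POST', $_POST, '/tmp/config.inc.php.generated');
}
```

The token is bound to the session, so a cross-site page cannot read or guess it, and the method check removes the crafted-URL (GET) path entirely. The mitigating factor the advisory gives, that the generated file is only exposed while it is writable, still applies: the token check closes the request-forgery route, and tightening the file's permissions once generation is done closes the window.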


Affected Versions

Versions 4.0.x (prior to 4.0.10.10), 4.2.x (prior to 4.2.13.3), 4.3.x
(prior to 4.3.13.1) and 4.4.x (prior to 4.4.6.1) are affected.


Solution

Upgrade to phpMyAdmin 4.0.10.10 or newer, or 4.2.13.3 or newer, or
4.3.13.1 or newer, or 4.4.6.1 or newer, or apply the patch listed below.


References

Thanks to Inti De Ceukelaire (http://ceukelai.re) for reporting this
vulnerability.

Assigned CVE ids: CVE-2015-3902

CWE ids: CWE-661 CWE-352


Patches

The following commits have been made to fix this issue:

    ee92eb9bab8e2d546756c1d4aec81ec7c8e44b83

The following commits have been made on the 4.3 branch to fix this issue:

    9817bd4030de949ba9ce4cd1b3f047e22d8f66bd

The following commits have been made on the 4.2 branch to fix this issue:

    c903ecf6751684b6af2d079c78b1f0d09ea2bd47

The following commits have been made on the 4.0 branch to fix this issue:

    fea1d39fef540afa4105c6fbcc849f7e516f3da8

More information

For further information and in case of questions, please contact the
phpMyAdmin team. Our website is phpmyadmin.net.

__________________________________________________________________________


PMASA-2015-3

Announcement-ID: PMASA-2015-3

Date: 2015-05-13


Summary

Vulnerability allowing man-in-the-middle attack on API call to GitHub.


Description

A vulnerability in the API call to GitHub can be exploited to perform a
man-in-the-middle attack.
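The advisory tags this issue CWE-295 (improper certificate validation), which is the condition that lets a network attacker sit between the client and api.github.com. As an added example, not phpMyAdmin's own code, the function below makes an HTTPS call with the cURL settings that enforce chain and hostname validation, fails closed on a verification error, and refuses non-HTTPS redirects; github_get(), the optional $ca_bundle parameter and the release endpoint used in the usage line are assumptions for the illustration.

```php
<?php
// Added example (not phpMyAdmin's own code): an HTTPS client for a GitHub
// API call with certificate validation enforced, the control whose absence
// CWE-295 describes. github_get() and the endpoint are hypothetical.
declare(strict_types=1);

/**
 * Fetch a JSON document over HTTPS with full TLS verification.
 * $ca_bundle optionally pins the trust store to a specific PEM file.
 */
function github_get(string $url, ?string $ca_bundle = null): array
{
    $ch = curl_init($url);
    if ($ch === false) {
        throw new RuntimeException('curl_init failed');
    }
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER  => true,
        CURLOPT_USERAGENT       => 'example-release-checker',
        CURLOPT_HTTPHEADER      => ['Accept: application/vnd.github.v3+json'],
        // Only HTTPS, both for the request and for any redirect target.
        CURLOPT_PROTOCOLS       => CURLPROTO_HTTPS,
        CURLOPT_REDIR_PROTOCOLS => CURLPROTO_HTTPS,
        CURLOPT_FOLLOWLOCATION  => false,
        // The two settings that matter for CWE-295: validate the chain
        // against the trust store and check the certificate's hostname.
        // Setting VERIFYPEER to false or VERIFYHOST to 0 is the weak
        // configuration that makes interception possible.
        CURLOPT_SSL_VERIFYPEER  => true,
        CURLOPT_SSL_VERIFYHOST  => 2,
        CURLOPT_CONNECTTIMEOUT  => 5,
        CURLOPT_TIMEOUT         => 10,
    ]);
    if ($ca_bundle !== null) {
        curl_setopt($ch, CURLOPT_CAINFO, $ca_bundle);
    }

    $body   = curl_exec($ch);
    $errno  = curl_errno($ch);
    $error  = curl_error($ch);
    $status = (int) curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

    if ($body === false) {
        // curl error 51/60 mean the peer certificate did not verify.
        // Fail closed here; never retry with verification disabled.
        throw new RuntimeException("Transport or TLS failure ($errno): $error");
    }
    if ($status !== 200) {
        throw new RuntimeException("Unexpected HTTP status $status");
    }
    $data = json_decode($body, true);
    if (!is_array($data)) {
        throw new RuntimeException('Response was not a JSON object');
    }
    return $data;
}

// Usage (assumed endpoint): read the latest release tag.
$release = github_get('https://api.github.com/repos/phpmyadmin/phpmyadmin/releases/latest');
echo $release['tag_name'] ?? '(no tag_name in response)', PHP_EOL;
```

With CURLOPT_SSL_VERIFYPEER on, cURL needs a usable trust store; on hosts where the system bundle is missing, pass a known PEM file through $ca_bundle rather than turning verification off. Disabling redirects keeps a downgrade to plain HTTP from being introduced by a redirect, and the explicit failure on curl error instead of a silent fallback is what keeps the check from being bypassed in a degraded network.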


Severity

We consider this vulnerability to be serious.


Affected Versions

Versions 4.0.x (prior to 4.0.10.10), 4.2.x (prior to 4.2.13.3), 4.3.x
(prior to 4.3.13.1) and 4.4.x (prior to 4.4.6.1) are affected.


Solution

Upgrade to phpMyAdmin 4.0.10.10 or newer, or 4.2.13.3 or newer, or
4.3.13.1 or newer, or 4.4.6.1 or newer, or apply the patch listed below.


References

Thanks to Maksymilian Arciemowicz of http://cxsecurity.com for
reporting this vulnerability.

Assigned CVE ids: CVE-2015-3903

CWE ids: CWE-661 CWE-295


Patches

The following commits have been made to fix this issue:

    5ebc4daf131dd3bd646326267f3e765d0249bbb4

The following commits have been made on the 4.3 branch to fix this issue:

    75499e790429c491840a0ad31d4de84aca215d23

The following commits have been made on the 4.2 branch to fix this issue:

    0e18931d9e4b23053285b6fddf3493ca426ff684

The following commits have been made on the 4.0 branch to fix this issue:

    e97e7fb0ea2dedfaa95c7dbe872027fb4bd4204c

More information

For further information and in case of questions, please contact the
phpMyAdmin team. Our website is phpmyadmin.net.

=========================================================
CERT-Renater reference server
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================
