CVE-2008-1149

Name: CVE-2008-1149
Description: phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies.
Source: CVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
References: DSA-1557-1
NVD severity: medium (attack range: remote, user-initiated)
Debian/oldoldstable: not vulnerable.
Debian/oldstable: not vulnerable.
Debian/stable: not vulnerable.
Debian/testing: not vulnerable.
Debian/unstable: not vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package    | Release                     | Version        | Status
phpmyadmin (PTS)  | squeeze, squeeze (security) | 4:3.3.7-7      | fixed
phpmyadmin (PTS)  | squeeze (lts)               | 4:3.3.7-8      | fixed
phpmyadmin (PTS)  | wheezy, wheezy (security)   | 4:3.4.11.1-2+deb7u1 | fixed
phpmyadmin (PTS)  | jessie                      | 4:4.2.12-2     | fixed
phpmyadmin (PTS)  | stretch                     | 4:4.4.7-1      | fixed
phpmyadmin (PTS)  | sid                         | 4:4.4.8-1      | fixed

The information below is based on the following data on fixed versions.

Package    | Type   | Release    | Fixed Version  | Urgency | Origin     | Debian Bugs
phpmyadmin | source | (unstable) | 4:2.11.5-1     | low     |            |
phpmyadmin | source | etch       | 4:2.9.1.1-7    | medium  | DSA-1557-1 |
phpmyadmin | source | sarge      | (not affected) |         |            |

Notes

[etch] - phpmyadmin <no-dsa> (Minor issue)
[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
PMASA-2008-1. SQL injection is possible only if the attacker can set cookies
for the phpMyAdmin host, which means being able to serve pages in the same
cookie domain; that seems rare and unwise. Low priority.
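The mechanism behind the advisory, as an added PHP example that is not part of the Debian tracker page or of phpMyAdmin's own code: PHP's built-in default variables_order is "EGPCS", and when request_order is unset (the PHP 5.2 default at the time of this CVE) $_REQUEST is assembled from GET, then POST, then COOKIE, with later sources overwriting earlier ones, so a cookie with the same name as a query parameter silently replaces it. The build_request(), db_name_vulnerable(), db_name_fixed() and show_tables_sql() functions, the parameter name db and the sample request values are all constructed for the illustration; build_request() models PHP's merge rather than reading the real superglobal, so the script runs from the CLI where no HTTP request exists.

```php
<?php
// Added example (not phpMyAdmin or Debian code): models how $_REQUEST lets an
// attacker-set cookie override a GET/POST parameter, and the $_GET/$_POST fix.
// With variables_order = "EGPCS" and request_order unset, PHP fills $_REQUEST
// from G, then P, then C, and a later source overwrites an earlier one, so a
// cookie named "db" beats ?db=... in the URL.

declare(strict_types=1);

/**
 * Rebuild $_REQUEST the way PHP does for a given source order (constructed model).
 * Letters: G = $_GET, P = $_POST, C = $_COOKIE; other letters (E, S) are ignored
 * because they never contribute to $_REQUEST. Later letters win on name clashes.
 */
function build_request(array $get, array $post, array $cookie, string $order = 'GPC'): array
{
    $sources = ['G' => $get, 'P' => $post, 'C' => $cookie];
    $request = [];
    foreach (str_split($order) as $letter) {
        if (isset($sources[$letter])) {
            // array_merge keeps the right-hand value for duplicate string keys
            $request = array_merge($request, $sources[$letter]);
        }
    }
    return $request;
}

/** Vulnerable pattern: the parameter is taken from the merged request array. */
function db_name_vulnerable(array $request): ?string
{
    return $request['db'] ?? null;
}

/** Fixed pattern: only GET and POST are consulted; cookies cannot reach it. */
function db_name_fixed(array $get, array $post): ?string
{
    return $post['db'] ?? $get['db'] ?? null;
}

/**
 * Constructed query builder. Quoting the identifier is still required; the
 * parameter-source fix above only stops the cookie from choosing the value.
 */
function show_tables_sql(string $db): string
{
    return 'SHOW TABLES FROM `' . str_replace('`', '``', $db) . '`';
}

// Constructed request: a legitimate query string plus an attacker-set cookie
// for the same cookie domain, as the advisory describes.
$get    = ['db' => 'sakila'];
$post   = [];
$cookie = ['db' => "sakila` ; DROP TABLE users -- "];

// PHP 5.2-era behaviour: cookies are merged last and win.
$request = build_request($get, $post, $cookie, 'GPC');
printf("vulnerable ($_REQUEST): %s\n", db_name_vulnerable($request));
printf("fixed ($_GET/$_POST):   %s\n", db_name_fixed($get, $post));
printf("query from fixed path:  %s\n", show_tables_sql((string) db_name_fixed($get, $post)));

// request_order = "GP" (what php.ini-production ships since PHP 5.3) keeps
// cookies out of $_REQUEST, but that is a deployment setting, not a code fix:
// read $_GET and $_POST directly so the application does not depend on php.ini.
$gpOnly = build_request($get, $post, $cookie, 'GP');
printf("with request_order=GP:  %s\n", db_name_vulnerable($gpOnly));

// Practitioner's check on the running interpreter: an empty request_order
// falls back to variables_order, and a 'C' in the effective order means
// cookies can override GET/POST inside $_REQUEST.
$effective = ini_get('request_order') ?: ini_get('variables_order');
printf("effective \$_REQUEST order on this PHP: %s (cookies %s override GET/POST)\n",
    $effective, strpos((string) $effective, 'C') !== false ? 'CAN' : 'cannot');
```

Run it with `php example.php`; the vulnerable line shows the cookie payload while the fixed line shows `sakila`. The last line is the check worth running on a real deployment: if it reports an order containing `C`, every `$_REQUEST` read in the code base is reachable from a cookie, which is exactly the class of bug PMASA-2008-1 fixed by switching to `$_GET`/`$_POST`.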
