PMASA-2016-15

Announcement-ID: PMASA-2016-15

Date: 2016-05-25

Updated: 2016-05-26

Summary

File Traversal Protection Bypass on Error Reporting

Description

A specially crafted payload could result in the error reporting component exposing whether an arbitrary file exists on the file system and the size of that file.

The attacker must be able to intercept and modify the user's POST data and must be able to trigger a JavaScript error to the user.

Updated to include CVE ID.

Severity

We consider this to be non-critical.

Mitigation factor

This attack can be mitigated in affected installations by setting `$cfg['Servers'][$i]['SendErrorReports'] = 'never';`. Upgrading to a more recent development commit is suggested.

Affected Versions

Git 'master' development branch. No released version was vulnerable.

Unaffected Versions

All released versions are not affected as they use precalculated data.

Solution

Upgrade to a more recent snapshot or release version.

References

This issue was found thanks to Mozilla SOS program.

Assigned CVE ids: CVE-2016-5098

CWE ids: CWE-661

Patches

The following commits have been made on the 4.6 branch to fix this issue:

More information

For further information and in case of questions, please contact the phpMyAdmin team. Our website is phpmyadmin.net.

Announcements