phpMyAdmin 'server_databases.php' Remote Command Execution Vulnerability

Bugtraq ID: 31188
Class: Input Validation Error
CVE: CVE-2008-4096
CVE-2008-3197
Remote: Yes
Local: No
Published: Sep 15 2008 12:00AM
Updated: Mar 19 2009 06:16PM
Credit: Norman Hippert
Vulnerable: Typo3 phpMyAdmin 3.2
Typo3 phpMyAdmin 3.0.1
Typo3 phpMyAdmin 3.0
Typo3 phpMyAdmin 0.2.2
Turbolinux Appliance Server 3.0 x64
Turbolinux Appliance Server 3.0
S.u.S.E. openSUSE 11.1
S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 10.3
Red Hat Fedora 9
Red Hat Fedora 8
phpMyAdmin phpMyAdmin 2.11.9
phpMyAdmin phpMyAdmin 2.11.8
phpMyAdmin phpMyAdmin 2.11.7
phpMyAdmin phpMyAdmin 2.11.5
phpMyAdmin phpMyAdmin 2.11.4
phpMyAdmin phpMyAdmin 2.11.1
phpMyAdmin phpMyAdmin 2.9.1
phpMyAdmin phpMyAdmin 2.9.2-rc1
phpMyAdmin phpMyAdmin 2.9.1.1
phpMyAdmin phpMyAdmin 2.11.8.1
phpMyAdmin phpMyAdmin 2.11.5.2
phpMyAdmin phpMyAdmin 2.11.5.1
phpMyAdmin phpMyAdmin 2.11.2.2
phpMyAdmin phpMyAdmin 2.11.2.1
phpMyAdmin phpMyAdmin 2.11.1.2
phpMyAdmin phpMyAdmin 2.11.1.1
phpMyAdmin phpMyAdmin 2.10.0.2
phpMyAdmin phpMyAdmin 2.10.0.1
phpMyAdmin phpMyAdmin 2.10.0.1
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
Gentoo Linux
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Not Vulnerable: Typo3 phpMyAdmin 3.3
phpMyAdmin phpMyAdmin 2.11.9 .1


 

Privacy Statement
Copyright 2010, SecurityFocus