Jul 25, 2011 16:55 GMT

The phpMyAdmin development team has released new versions of the popular web-based database management tool in order to patch several vulnerabilities, including two marked as critical.

In total, four security holes were patched in the newly released phpMyAdmin 3.4.3.2 and phpMyAdmin 3.3.10.3, with possible impact ranging from cross-site scripting to local file inclusion and remote code execution.

One vulnerability is located in the Swekey authentication mechanism and can result in the manipulation of superglobal and local variables, including the $_SESSION superglobal. The vulnerability is similar to one patched at the beginning of July.

Another flaw is located in the 'relational schema' code and stems from an improperly sanitized parameter when used to concatenate a class name.

Exploitation can result in local file inclusion and code execution, making this vulnerability critical. The impact is mitigated by the fact that an attacker must be logged in to exploit the issue.

A second local file inclusion vulnerability rated as serious was patched in phpMyAdmin's configuration storage mechanism. Exploitation involves passing a specially-crafted MIME-type transformation parameter.
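The two local file inclusion flaws above share one root cause: a request parameter decides which file is included, with nothing but string concatenation between the two. The following PHP snippet is an added illustration, not phpMyAdmin's own code; the function names, the `schema/` directory and the class names in the allowlist are hypothetical. It shows the vulnerable pattern beside a hardened version that resolves the parameter against a fixed map, and returns the would-be include path instead of calling `include()` so it runs without any of those files existing.

```php
<?php
// Added illustration (not phpMyAdmin's own code): an attacker-controlled
// parameter concatenated into a class/file name that is then included,
// beside a hardened version that selects from a fixed allowlist.
declare(strict_types=1);

// Vulnerable pattern: the parameter reaches the include path unchecked.
// A value containing "../" makes the resulting path leave the schema/
// directory, which is how this pattern turns into local file inclusion.
function schema_class_path_vulnerable(string $format): string
{
    $class = $format . '_Schema';                    // hypothetical class naming scheme
    return __DIR__ . '/schema/' . $class . '.php';   // path that would be handed to include()
}

// Hardened pattern: the parameter is only ever a key into a fixed map, so the
// set of includable files is known at development time and cannot be widened
// by any request. Anything not in the map is rejected outright.
const SCHEMA_CLASSES = [
    'pdf' => 'Pdf_Schema',   // hypothetical names
    'svg' => 'Svg_Schema',
    'dia' => 'Dia_Schema',
];

function schema_class_path_hardened(string $format): string
{
    if (!isset(SCHEMA_CLASSES[$format])) {
        throw new InvalidArgumentException('Unknown schema export format');
    }
    return __DIR__ . '/schema/' . SCHEMA_CLASSES[$format] . '.php';
}

// Constructed sample inputs: a legitimate value and a traversal attempt.
$benign  = 'pdf';
$hostile = '../../config';

echo schema_class_path_vulnerable($benign), PHP_EOL;   // stays inside schema/
echo schema_class_path_vulnerable($hostile), PHP_EOL;  // resolves outside schema/
echo schema_class_path_hardened($benign), PHP_EOL;     // allowed
try {
    schema_class_path_hardened($hostile);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;      // traversal never reaches include()
}
```

The allowlist is the important part: filtering out `../` or `.php` from the parameter is weaker, because every encoding and platform quirk has to be anticipated, whereas a map lookup only ever yields one of the values the developer wrote down. The same approach applies to the MIME-type transformation parameter: the transformation name should index a table of known transformations rather than be spliced into a file path.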

The final vulnerability is a cross-site scripting (XSS) weakness in Print view. This flaw is rated as minor because the attacker would need to be able to create a specifically-named table on the victim's server.

"The attacker must trick the victim into clicking a link that reaches phpMyAdmin's table print view script; one of the link's parameters is a crafted table name (the name containing JavaScript code)," the developers explain.
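The Print view issue is a reminder that a table name is user-supplied data like any other request parameter, even though it comes out of the database rather than the query string. The snippet below is an added illustration, not phpMyAdmin's own code; the heading function and the sample table name are constructed. It shows the name written into HTML as-is beside the same output escaped for the HTML context.

```php
<?php
// Added illustration (not phpMyAdmin's own code): a table name rendered into
// a print view without escaping, beside the hardened version.
declare(strict_types=1);

// Vulnerable pattern: database metadata is trusted and written straight into markup.
function print_view_heading_vulnerable(string $table): string
{
    return '<h2>Table: ' . $table . '</h2>';
}

// Hardened pattern: escape for the HTML element context. ENT_QUOTES also covers
// attribute contexts, ENT_SUBSTITUTE keeps malformed UTF-8 from silently
// producing an empty string (which would hide a bug), and the charset is explicit.
function print_view_heading_hardened(string $table): string
{
    $safe = htmlspecialchars($table, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<h2>Table: ' . $safe . '</h2>';
}

// Constructed sample: a table name that carries markup, as the advisory describes.
// MySQL identifiers may contain such characters when quoted with backticks.
$name = 'orders<script>alert(1)</script>';

echo print_view_heading_vulnerable($name), PHP_EOL; // script element reaches the browser
echo print_view_heading_hardened($name), PHP_EOL;   // rendered as literal text
```

Escaping belongs at the point of output, chosen for the context the value lands in (HTML body here; a value placed inside a JavaScript string or a URL needs a different encoder). Validating table names on creation is not a substitute, since the name may have been created by another tool or another user of the same server, which is exactly why the developers rate the flaw as requiring the attacker to be able to create the table.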

It's worth pointing out that the phpMyAdmin 2.11.x branch, which was discontinued earlier this month, is also vulnerable to three of these issues but will not receive fixes. Users are advised to upgrade to the latest 3.4.x or 3.3.x versions.

phpMyAdmin is an open source software package written in PHP which allows MySQL databases to be administered via a web interface. It is popular with webmasters and hosting providers because it is more intuitive than the command line and doesn't require SSH access. The latest version of phpMyAdmin can be downloaded from the project's website.