Allele Security Alert
ASA-2018-00072
Identifier(s)
ASA-2018-00072, CVE-2018-19969
Title
XSRF/CSRF vulnerability due to the application receiving parameters via GET
Vendor(s)
The phpMyAdmin Project
Product(s)
phpMyAdmin
Affected version(s)
phpMyAdmin 4.7.0 through 4.7.6 and 4.8.0 through 4.8.3
Fixed version(s)
phpMyAdmin 4.8.4
Proof of concept
Unknown
Description
By tricking a user into clicking a crafted URL, it is possible to perform harmful SQL operations, such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users, updating user passwords, killing SQL processes, etc.
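Illustration of the bug class (added to this alert; it is not phpMyAdmin code, and the handler names, the `kill` parameter, the URL and the token scheme are assumptions made for the example). A handler that reads a state-changing parameter from `$_REQUEST` accepts it from the query string, so a link that a logged-in victim follows is enough to trigger the action. The hardened variant follows the direction of the fix commits listed under References ("Retrieve parameters from $_POST"): the action is read only from the POST body and is bound to a per-session CSRF token, so neither a crafted link nor a cross-site auto-submitting form reaches the database.

```php
<?php
// Added illustration of the bug class behind this advisory. Not phpMyAdmin
// code: handler names, the "kill" parameter, the URL and the token scheme are
// assumptions made for the example.
declare(strict_types=1);

// Vulnerable pattern: the action parameter is read from $_REQUEST, which
// merges $_GET and $_POST. A link such as
//   https://pma.example/server_status_processes.php?kill=42   (hypothetical)
// followed by a logged-in victim is enough to make the application run KILL.
function vulnerableKill(array $request, callable $runSql): ?string
{
    if (!isset($request['kill'])) {
        return null;
    }
    $sql = 'KILL ' . (int) $request['kill'];
    $runSql($sql);
    return $sql;
}

// Hardened pattern: the action is read only from the POST body, so a crafted
// link (a GET) never reaches it, and the body must carry the per-session CSRF
// token, so a cross-site auto-submitting form is rejected as well.
function hardenedKill(string $method, array $post, string $sessionToken, callable $runSql): ?string
{
    if ($method !== 'POST') {
        return null;                                   // crafted link: refused
    }
    if (!isset($post['token']) || !hash_equals($sessionToken, (string) $post['token'])) {
        return null;                                   // no or wrong token: refused
    }
    if (!isset($post['kill'])) {
        return null;
    }
    $sql = 'KILL ' . (int) $post['kill'];
    $runSql($sql);
    return $sql;
}

// Constructed requests for an offline walk-through; $runSql only records what
// would have been sent to MySQL instead of executing it.
$executed = [];
$runSql = static function (string $sql) use (&$executed): void {
    $executed[] = $sql;
};
$token = bin2hex(random_bytes(16)); // stands in for the token stored in the session

// 1. Victim follows the crafted link: GET with ?kill=42 and an empty body.
//    array_merge($get, $post) mirrors what $_REQUEST would contain.
$get  = ['kill' => '42'];
$post = [];
$fromLink = vulnerableKill(array_merge($get, $post), $runSql); // the KILL is issued

// 2. The same link against the hardened handler: method is GET, nothing is read.
$linkRefused = hardenedKill('GET', $post, $token, $runSql);

// 3. Cross-site auto-submitting form: a POST, but the attacker cannot know the token.
$formRefused = hardenedKill('POST', ['kill' => '42'], $token, $runSql);

// 4. Legitimate form rendered by the application, carrying the session token.
$legitimate = hardenedKill('POST', ['kill' => '42', 'token' => $token], $token, $runSql);

// $executed now holds exactly two statements: the one the vulnerable handler
// issued for the crafted link (1) and the legitimate one (4).
var_dump($fromLink, $linkRefused, $formRefused, $legitimate);
print_r($executed);
```

The `(int)` cast keeps the statement well-formed but is not the security control; the controls are the method check and the token comparison with `hash_equals`, which is what the GET-to-POST migration in the referenced commits makes possible.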
Technical details
Unknown
Credits
Daniel Le Gall (SCRT), Mustafa Hasan, SI9INT and Prasetia Ari
Reference(s)
Security fix: phpMyAdmin 4.8.4 is released
https://www.phpmyadmin.net/news/2018/12/11/security-fix-phpmyadmin-484-released/
phpMyAdmin – Security – PMASA-2018-7
https://www.phpmyadmin.net/security/PMASA-2018-7/
Retrieve parameters from $_POST in database and table operation pages
https://github.com/phpmyadmin/phpmyadmin/commit/f049c127ca21885ab0856a8c562ed1c74961bb5d
Fix missing parameter
https://github.com/phpmyadmin/phpmyadmin/commit/be0660e4c46a1f3f74d86bac41419d5804201502
Retrieve parameters from $_POST in central columns page
https://github.com/phpmyadmin/phpmyadmin/commit/77ea7024bfa75659dea20dacb225f0d48414fd02
Retrieve parameters from $_POST in tracking pages
https://github.com/phpmyadmin/phpmyadmin/commit/ad7f7fd80192bd9f7f22f4d8d9a8818dd69f3e0c
Retrieve parameters from $_POST in server_databases page
https://github.com/phpmyadmin/phpmyadmin/commit/5d781422fb9f0af54e9cf9c85371b4d8c02ac56d
Fix #249 CSRF to CREATE TABLE query
https://github.com/phpmyadmin/phpmyadmin/commit/d6e04ca09b205cbc1e00f26da9d1f3690287a4af
Retrieve parameters from $_POST in routines
https://github.com/phpmyadmin/phpmyadmin/commit/d9279982a9c24456c061ecc700f69610424e854e
Fix routines tests
https://github.com/phpmyadmin/phpmyadmin/commit/3ac68d2edaafea38c3c45e364933456540603c09
Parameter item_type should be read from $_REQUEST as it can be in both $_POST and $_GET
https://github.com/phpmyadmin/phpmyadmin/commit/98ef759676cfc60db56aff657d5f66f818780872
Retrieve parameters from $_POST in events
https://github.com/phpmyadmin/phpmyadmin/commit/faced0a344a3e3c2cfe645d400fcddc54dcc7f4e
Retrieve parameters from $_POST in triggers
https://github.com/phpmyadmin/phpmyadmin/commit/d0eede7c566d97f92b5fda1560fa07b583ffc0a4
Retrieve parameters from $_POST in view create/edit
https://github.com/phpmyadmin/phpmyadmin/commit/42561e689613e6712920bada4e2f957a96252f97
Fix create view dialog not sending parameters as POST
https://github.com/phpmyadmin/phpmyadmin/commit/ca06ecc87681e7d547271fdbd06816a2bee9be80
Retrieve parameters from $_POST in insert/edit pages
https://github.com/phpmyadmin/phpmyadmin/commit/3d9ed655cc6107bd0e8e6d5f5a5f58d0fc791564
Retrieve parameters from $_POST in table_row_action
https://github.com/phpmyadmin/phpmyadmin/commit/b72e55acf82a67fcb9d8eb341878f8e9fc7af295
Retrieve parameters from $_POST in table structure
https://github.com/phpmyadmin/phpmyadmin/commit/9219b28f474f032621b3cc827d12407673e47b08
Retrieve parameters from $_POST in database QBE
https://github.com/phpmyadmin/phpmyadmin/commit/6c03ebad38a64ac1c53f9bae9e9c2d5e0d556bfd
Fix phpmyadmin-security#254 CSRF allowing password reset
https://github.com/phpmyadmin/phpmyadmin/commit/7d3f203131231d09a7485c38355f5cb546cbf897
Retrieve parameters from $_POST in designer
https://github.com/phpmyadmin/phpmyadmin/commit/2a749337bf9e1319f5d0bc62aae3f79f8f9080d0
Retrieve parameters from $_POST in user/Privileges pages
https://github.com/phpmyadmin/phpmyadmin/commit/35d87e607227c4ea0d1613ad39c5bca75b726fca
Fix test failures
https://github.com/phpmyadmin/phpmyadmin/commit/80eaee9c0a1fadc4c7f7ab3838b3fe5eb15a7830
Retrieve parameters from $_POST in mult_submits.inc.php
https://github.com/phpmyadmin/phpmyadmin/commit/259cbc6ab1d61afb3a657ad4a787eefe8278ec29
Retrieve parameters from $_POST in export
https://github.com/phpmyadmin/phpmyadmin/commit/c1cdaac2f465dd6b9e17f9f35fd46861ad703a6d
Retrieve parameters from $_POST in tbl_addfield
https://github.com/phpmyadmin/phpmyadmin/commit/1edf1aced6ad963c9f282666150f7f36f1ca449e
Retrieve parameters from $_POST in import
https://github.com/phpmyadmin/phpmyadmin/commit/bf3e6c3a77ff5d1fc2a15bba7f0a66e7fcb357e6
Retrieve parameters from $_POST in normalization
https://github.com/phpmyadmin/phpmyadmin/commit/827e4dcf2ce738d7b320682e97e29ad448f9147f
Retrieve parameters from $_POST in navigation
https://github.com/phpmyadmin/phpmyadmin/commit/b4e1862740b3412aab2f7079649a705f317cb1b0
Retrieve parameters from $_POST in sql pages
https://github.com/phpmyadmin/phpmyadmin/commit/5109c1787e111a87521db94c93d4cb2c46cc29f4
Retrieve parameters from $_POST in ajax.php
https://github.com/phpmyadmin/phpmyadmin/commit/88e162b651dfbd64c98ac40976023c4b7d1438bb
Retrieve parameters from $_POST in browse foreigners
https://github.com/phpmyadmin/phpmyadmin/commit/e7e7d56c759366c61824b67f48ec0ba4d5507105
Retrieve parameters from $_POST in chk_rel
https://github.com/phpmyadmin/phpmyadmin/commit/593b2571cd8ba5110cd39fee896ea172ca2c81d5
Retrieve parameters from $_POST in error report
https://github.com/phpmyadmin/phpmyadmin/commit/737ac997f9271d15f08b20893c9174a312027b74
Retrieve parameters from $_POST in GIS data editor
https://github.com/phpmyadmin/phpmyadmin/commit/0fe1a3bea88a553407930f83380b88d7591d2bdd
Retrieve parameters from $_POST in server_status_processes.php
https://github.com/phpmyadmin/phpmyadmin/commit/79548c0dcfc185f7c31a0c527d952a2b14266ddf
Retrieve parameters from $_POST in server_user_groups.php
https://github.com/phpmyadmin/phpmyadmin/commit/89db84213ba1b2b38387632c884c6fe64166f512
Retrieve parameters from $_POST in server_status_variables.php
https://github.com/phpmyadmin/phpmyadmin/commit/30543ad81f5151d592e39e3075dd32a7487d8d9e
Retrieve parameters from $_POST in db_search.php
https://github.com/phpmyadmin/phpmyadmin/commit/0be9a53fcfd4131c8737f717371570402b292361
Retrieve parameters from $_POST in tbl_indexes.php
https://github.com/phpmyadmin/phpmyadmin/commit/d01ece698a18624ede4bccffd81035da7c27b9a0
Retrieve parameters from $_POST in table relation
https://github.com/phpmyadmin/phpmyadmin/commit/d1d90b59b28ab8be332e442df55864cb858e40dd
Retrieve parameters from $_POST in server_status_monitor.php
https://github.com/phpmyadmin/phpmyadmin/commit/a98207c6de3bde433602273d1cccc7f2f99d7501
Retrieve parameters from $_POST in server replication
https://github.com/phpmyadmin/phpmyadmin/commit/eb13c69f0db2b1158d4b36deef7544fa1a932505
Retrieve parameters from $_POST in view_operations.php
https://github.com/phpmyadmin/phpmyadmin/commit/79fd80cef5da7f67eed01825b4d4b957d03acffd
Retrieve parameters from $_GET in url.php
https://github.com/phpmyadmin/phpmyadmin/commit/01e8064e3530a05d8d2975ad29fdd519a952e0ec
Retrieve parameters from $_POST in server binlog
https://github.com/phpmyadmin/phpmyadmin/commit/34972f0132c6e04fc324ad422f2fc609df7a22ec
Retrieve parameters from $_POST in table search
https://github.com/phpmyadmin/phpmyadmin/commit/6fd9bfb75b357e375c8992a8c9194411954a8427
Retrieve parameters from $_POST in partition definition
https://github.com/phpmyadmin/phpmyadmin/commit/c36592b4e8dfe6e5b2e7c9197c32abdf155df350
Retrieve parameters from $_POST in Table class
https://github.com/phpmyadmin/phpmyadmin/commit/d745d1ce019bf1aa60f19e8ac993389adb81e3a9
Retrieve parameters from $_POST in UserPassword class
https://github.com/phpmyadmin/phpmyadmin/commit/d98b40281b0e8781918240b201b35758b474e595
Retrieve parameters from $_POST in server variables
https://github.com/phpmyadmin/phpmyadmin/commit/e7f1e2697acace0d05356a943174cefeae1cf11e
CVE-2018-19969
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19969
CVE-2018-19969
https://nvd.nist.gov/vuln/detail/CVE-2018-19969
If you found an error in this alert or would like a comprehensive analysis, please get in touch.
Last modified: 29 January 2019