Signature Detail

HTTP: phpMyAdmin server_databases Remote Code Execution

This signature detects attempts to exploit a known vulnerability against phpMyAdmin. A successful attack can lead to arbitrary code execution.

Extended Description

phpMyAdmin is prone to a vulnerability that attackers can leverage to execute arbitrary commands. This issue occurs because the application fails to adequately sanitize user-supplied input. Successful attacks can compromise the affected application and possibly the underlying computer. This issue affects versions prior to phpMyAdmin 2.11.9.1.

Affected Products

• Debian linux 4.0
• Debian linux 4.0 Alpha
• Debian linux 4.0 Amd64
• Debian linux 4.0 Arm
• Debian linux 4.0 Hppa
• Debian linux 4.0 Ia-32
• Debian linux 4.0 Ia-64
• Debian linux 4.0 M68k
• Debian linux 4.0 Mips
• Debian linux 4.0 Mipsel
• Debian linux 4.0 Powerpc
• Debian linux 4.0 S/390
• Debian linux 4.0 Sparc
• Gentoo linux
• Mandriva corporate_server 4.0
• Mandriva corporate_server 4.0.0 X86 64
• Phpmyadmin phpmyadmin 2.10.0.1
• Phpmyadmin phpmyadmin 2.10.0.2
• Phpmyadmin phpmyadmin 2.11.1
• Phpmyadmin phpmyadmin 2.11.1.1
• Phpmyadmin phpmyadmin 2.11.1.2
• Phpmyadmin phpmyadmin 2.11.2.1
• Phpmyadmin phpmyadmin 2.11.2.2
• Phpmyadmin phpmyadmin 2.11.4
• Phpmyadmin phpmyadmin 2.11.5
• Phpmyadmin phpmyadmin 2.11.5.1
• Phpmyadmin phpmyadmin 2.11.5.2
• Phpmyadmin phpmyadmin 2.11.7
• Phpmyadmin phpmyadmin 2.11.8
• Phpmyadmin phpmyadmin 2.11.8.1
• Phpmyadmin phpmyadmin 2.11.9
• Phpmyadmin phpmyadmin 2.9.1
• Phpmyadmin phpmyadmin 2.9.1.1
• Phpmyadmin phpmyadmin 2.9.2-Rc1
• Red_hat fedora 8
• Red_hat fedora 9
• Suse opensuse 10.3
• Suse opensuse 11.0
• Suse opensuse 11.1
• Turbolinux appliance_server 3.0
• Turbolinux appliance_server 3.0 X64
• Typo3 phpmyadmin 0.2.2
• Typo3 phpmyadmin 3.0.0
• Typo3 phpmyadmin 3.0.1
• Typo3 phpmyadmin 3.2.0

References

• BugTraq: 31188
• CVE: CVE-2008-4096
• URL: http://fd.the-wildcat.de/pma_e36a091q11.php