Rapid7 Vulnerability & Exploit Database

FreeBSD: VID-111AEFCA-2213-11E9-9C8D-6805CA0B3D42: phpMyAdmin -- File disclosure and SQL injection


Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 01/21/2019
Created: 03/19/2019
Added: 01/28/2019
Modified: 01/28/2019

Description

The phpMyAdmin development team reports:

Summary

Arbitrary file read vulnerability

Description

When the AllowArbitraryServer configuration is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access.

phpMyAdmin attempts to block the use of LOAD DATA INFILE, but due to a bug in PHP, this check is not honored. Additionally, when using the 'mysql' extension, mysql.allow_local_infile is enabled by default. Both of these conditions allow the attack to occur.

Severity

We consider this vulnerability to be critical.

Mitigation factor

This attack can be mitigated by setting the `AllowArbitraryServer` configuration directive to false (which is the default value).

Affected Versions

phpMyAdmin versions from at least 4.0 through 4.8.4 are affected.
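An added configuration check, not part of the advisory or of phpMyAdmin's own code: it reads a config.inc.php fragment and a php.ini fragment for the two conditions the advisory names (AllowArbitraryServer enabled, and a MySQL extension with allow_local_infile on) and reports whether both hold at once. The sample fragments are constructed for the example; the $cfg['AllowArbitraryServer'] key and the mysql.allow_local_infile / mysqli.allow_local_infile ini directives are the real setting names.

```python
import re

# Constructed sample of a phpMyAdmin config.inc.php fragment (not a real deployment).
SAMPLE_PMA_CONFIG = """<?php
$cfg['blowfish_secret'] = 'placeholder';
$cfg['AllowArbitraryServer'] = true;   // weak: lets the user pick any MySQL host
"""

# Constructed sample php.ini fragment.
SAMPLE_PHP_INI = """
; legacy mysql extension and mysqli settings
mysql.allow_local_infile = On
mysqli.allow_local_infile = Off
"""

INI_TRUE = {"1", "on", "true", "yes"}


def pma_allow_arbitrary_server(config_text):
    """Return True if config.inc.php sets AllowArbitraryServer to true.
    A missing directive means the default, which is false."""
    pattern = re.compile(
        r"""\$cfg\s*\[\s*['"]AllowArbitraryServer['"]\s*\]\s*=\s*(true|false)\s*;""",
        re.IGNORECASE)
    value = False
    for m in pattern.finditer(config_text):  # last assignment wins, as in PHP
        value = m.group(1).lower() == "true"
    return value


def ini_local_infile(ini_text):
    """Return {'mysql'|'mysqli': bool} for allow_local_infile lines in php.ini."""
    found = {}
    for line in ini_text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop ini comments
        m = re.match(r"^(mysql|mysqli)\.allow_local_infile\s*=\s*(\S+)", line, re.I)
        if m:
            found[m.group(1).lower()] = m.group(2).strip("\"'").lower() in INI_TRUE
    return found


def assess(config_text, ini_text):
    """Report whether both conditions from the advisory hold at the same time."""
    arbitrary = pma_allow_arbitrary_server(config_text)
    infile = ini_local_infile(ini_text)
    # Advisory: for the legacy mysql extension the setting is enabled by default,
    # so an absent key is treated as on.
    infile.setdefault("mysql", True)
    exposed = arbitrary and any(infile.values())
    return {"allow_arbitrary_server": arbitrary, "local_infile": infile, "exposed": exposed}
```

Run assess() against the real config.inc.php and the loaded php.ini; an "exposed" result means the mitigation in the advisory (AllowArbitraryServer = false) has not been applied.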

Summary

SQL injection in Designer feature

Description

A vulnerability was reported where a specially crafted username can be used to trigger an SQL injection attack through the designer feature.

Severity

We consider this vulnerability to be serious.

Affected Versions

phpMyAdmin versions from 4.5.0 through 4.8.4 are affected.

Solution(s)

  • freebsd-upgrade-package-phpmyadmin
  • freebsd-upgrade-package-phpmyadmin-php56
  • freebsd-upgrade-package-phpmyadmin-php70
  • freebsd-upgrade-package-phpmyadmin-php71
  • freebsd-upgrade-package-phpmyadmin-php72
