phpMyAdmin: Permissions, Privileges, and Access Controls (CVE-2008-7251)

Back to Search

phpMyAdmin: Permissions, Privileges, and Access Controls (CVE-2008-7251)

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

01/19/2010

Created

07/25/2018

Added

05/04/2017

Modified

10/16/2019

Description

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors.

Solution(s)

phpmyadmin-upgrade-latest

References

https://attackerkb.com/topics/cve-2008-7251
37826
CVE - 2008-7251
DSA-2034
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html
http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/libraries/File.class.php?r1=11536&r2=11535&pathrev=11536
http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11536
http://secunia.com/advisories/38211
http://secunia.com/advisories/39503
http://www.debian.org/security/2010/dsa-2034
http://www.phpmyadmin.net/home_page/security/PMASA-2010-1.php
http://www.securityfocus.com/bid/37826
http://www.vupen.com/english/advisories/2010/0910

Advanced vulnerability management analytics and reporting.

Key Features

Lightweight Endpoint Agent
Live Dashboards
Real Risk Prioritization
IT-Integrated Remediation Projects
Cloud, Virtual, and Container Assessment
Integrated Threat Feeds
Easy-to-Use RESTful API
Automation-Assisted Patching
Automated Containment

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

phpMyAdmin: Permissions, Privileges, and Access Controls (CVE-2008-7251)