Bug 1123272 - (CVE-2019-6799) VUL-0: CVE-2019-6799: phpMyAdmin: Arbitrary file read vulnerability (PMASA-2019-1)
(CVE-2019-6799)
VUL-0: CVE-2019-6799: phpMyAdmin: Arbitrary file read vulnerability (PMASA-20...
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 15.0
Other Other
: P3 - Medium : Major (vote)
: ---
Assigned To: Christian Wittmer
Security Team bot
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-01-28 07:52 UTC by Andreas Stieger
Modified: 2019-03-01 05:59 UTC (History)
0 users

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Stieger 2019-01-28 07:52:53 UTC
https://www.phpmyadmin.net/security/PMASA-2019-1/

Announcement-ID: PMASA-2019-1

Date: 2019-01-21
Summary: Arbitrary file read vulnerability
Description: When AllowArbitraryServer configuration set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access.

phpMyadmin attempts to block the use of LOAD DATA INFILE, but due to a bug in PHP, this check is not honored. Additionally, when using the 'mysql' extension, mysql.allow_local_infile is enabled by default. Both of these conditions allow the attack to occur.
Severity: We consider this vulnerability to be critical.

Mitigation factor: This attack can be mitigated by setting the `AllowArbitraryServer` configuration directive to false (which is the default value).

Affected Versions: phpMyAdmin versions from at least 4.0 through 4.8.4 are affected

https://github.com/phpmyadmin/phpmyadmin/commit/aeac90623e525057a7672ab3d98154b5c57c15ec
https://github.com/phpmyadmin/phpmyadmin/commit/c5e01f84ad48c5c626001cb92d7a95500920a900
Comment 1 Swamp Workflow Management 2019-02-01 19:50:12 UTC
This is an autogenerated message for OBS integration:
This bug (1123272) was mentioned in
https://build.opensuse.org/request/show/670631 15.0+42.3+Backports:SLE-12+Backports:SLE-15 / phpMyAdmin
Comment 2 Swamp Workflow Management 2019-02-12 13:40:52 UTC
This is an autogenerated message for OBS integration:
This bug (1123272) was mentioned in
https://build.opensuse.org/request/show/673857 15.1 / phpMyAdmin
Comment 3 Swamp Workflow Management 2019-02-18 14:09:45 UTC
openSUSE-SU-2019:0194-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1123271,1123272
CVE References: CVE-2019-6798,CVE-2019-6799
Sources used:
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    phpMyAdmin-4.8.5-35.1
Comment 4 Swamp Workflow Management 2019-02-18 14:14:34 UTC
openSUSE-SU-2019:0194-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1123271,1123272
CVE References: CVE-2019-6798,CVE-2019-6799
Sources used:
openSUSE Leap 42.3 (src):    phpMyAdmin-4.8.5-27.1
openSUSE Leap 15.0 (src):    phpMyAdmin-4.8.5-lp150.2.15.1
openSUSE Backports SLE-15 (src):    phpMyAdmin-4.8.5-bp150.3.9.1
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    phpMyAdmin-4.8.5-35.1
Comment 5 Marcus Meissner 2019-03-01 05:59:07 UTC
released