phpMyAdmin grab_globals.lib.php subform Parameter Traversal Local File Inclusion

medium Nessus Plugin ID 19950

Synopsis

The remote web server contains a PHP application that is prone to a local file inclusion flaw.

Description

The version of phpMyAdmin installed on the remote host allows attackers to read and possibly execute code from arbitrary files on the local host because of its failure to sanitize the parameter 'subform' before using it in the 'libraries/grab_globals.lib.php' script.

Solution

Upgrade to phpMyAdmin 2.6.4-pl2 or later.

See Also

http://securityreason.com/achievement_securityalert/24

http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-4

Plugin Details

Severity: Medium

ID: 19950

File Name: phpMyAdmin_usesubform_file_includes.nasl

Version: 1.21

Type: remote

Family: CGI abuses

Published: 10/11/2005

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5.1

Temporal Score: 4

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:phpmyadmin:phpmyadmin

Required KB Items: www/phpMyAdmin, www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Vulnerability Publication Date: 10/10/2005

Reference Information

CVE: CVE-2005-3299

BID: 15053