20402 2009-06-10 10:37:17 +0400 Multiple vulnerabilities: CVE-2009-1148, CVE-2009-1149, CVE-2009-1150, CVE-2009-1285 2009-12-31 16:59:20 +0300 1 1 4 Development Sisyphus phpMyAdmin unstable all Linux CLOSED FIXED http://www.phpmyadmin.net/home_page/security/PMASA-2009-4.php security P3 blocker --- 22408 1 crux drool drool lav vvk qa-sisyphus oldest_to_newest 92849 0 crux 2009-06-10 10:37:17 +0400 Обнаружено множество проблем безопасности в phpMyAdmin: PMASA-2009-1 - The BLOB streaming feature allowed attacker to include arbitrary files and inject HTTP headers using crafted URL parameters. PMASA-2009-2 - Cross-site scripting on export page using cookies. PMASA-2009-3, PMASA-2009-4 - Insufficient output sanitizing when generating configuration file. Исправление доступно в версиях >= 3.1.3.2 (на данный момент это 3.1.5). 104798 1 lnkvisitor 2009-12-25 11:18:18 +0300 Fixed