Signature Detail

HTTP: SQL_LOCALFILE Infromation Disclosure

This signature detects attempts to exploit a SQL_LOCALFILE information disclosure vulnerability in phpMyAdmin versions earlier than 2.6.1-rc1. Because these versions do not properly sanitized input, attackers can remotely access arbitrary files.

Extended Description

phpMyAdmin is reported prone to multiple remote vulnerabilities. These issues can allow remote attackers to execute arbitrary commands and disclose files on a vulnerable computer. These issues result from insufficient sanitization of user-supplied data. The command execution is reported to be present since phpMyAdmin 2.6.0-pl2. The file disclosure is present since phpMyAdmin 2.4.0.

Affected Products

• phpMyAdmin 2.4.0 .0
• phpMyAdmin 2.5.0 .0
• phpMyAdmin 2.5.1
• phpMyAdmin 2.5.2
• phpMyAdmin 2.5.4
• phpMyAdmin 2.5.5
• phpMyAdmin 2.5.5 Pl1
• phpMyAdmin 2.5.5 -Rc1
• phpMyAdmin 2.5.5 -Rc2
• phpMyAdmin 2.5.6 -Rc1
• phpMyAdmin 2.5.7
• phpMyAdmin 2.5.7 Pl1
• phpMyAdmin 2.6.0 .0Pl1
• phpMyAdmin 2.6.0 .0Pl2
• phpMyAdmin 2.6.0 .0Pl3
• SuSE Linux 8.0.0
• SuSE Linux 8.0.0 i386
• SuSE Linux 8.1.0
• SuSE Linux Personal 8.2.0
• SuSE Linux Personal 9.0.0
• SuSE Linux Personal 9.0.0 X86 64
• SuSE Linux Personal 9.1.0
• SuSE Linux Personal 9.2.0

References

• BugTraq: 11886
• CVE: CVE-2004-1148
• URL: http://secunia.com/cve_reference/CVE-2004-1148/
• URL: http://xforce.iss.net/xforce/xfdb/18441
• URL: http://marc.theaimsgroup.com/?l=bugtraq&m=110295781828323&w=2