CVE-2016-2039

Опубликовано: 20 фев. 2016

Источник: debian

Описание

libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
phpmyadmin	fixed	4:4.5.4-1		package

Примечания

squeeze patch was actually incorrect and probably not functional: libraries/phpseclib/Crypt/Random.php needs some engine (e.g. AES) to work
https://www.phpmyadmin.net/security/PMASA-2016-2/
https://github.com/phpmyadmin/phpmyadmin/commit/6fe54dfa000dd6f43f237e859781fad7111ac1bd is not sufficient: one needs 29b297f to import more bits from phpseclib or simply import all of phpseclib.
such a fix needs to avoid introducing a new vulnerability as well, upstream introduced CVE-2016-2042 as part of this