ASA-2018-00071 – phpMyAdmin: Local file inclusion through transformation feature
Allele Security Alert

ASA-2018-00071

Identifier(s)

ASA-2018-00071, CVE-2018-19968, PMASA-2018-6

Title

Local file inclusion through transformation feature

Vendor(s)

The phpMyAdmin Project

Product(s)

phpMyAdmin

Affected version(s)

phpMyAdmin versions from at least 4.0 through 4.8.3 are affected

Fixed version(s)

phpMyAdmin 4.8.4

Proof of concept

Yes

Description

A flaw has been found where an attacker can exploit phpMyAdmin to leak the contents of a local file. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access. An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system.

Technical details

Unknown

Credits

Daniel Le Gall

Reference(s)

Security fix: phpMyAdmin 4.8.4 is released
https://www.phpmyadmin.net/news/2018/12/11/security-fix-phpmyadmin-484-released/

phpMyAdmin – Security – PMASA-2018-6
https://www.phpmyadmin.net/security/PMASA-2018-6/

Remove transformation plugin includes
https://github.com/phpmyadmin/phpmyadmin/commit/6a1ba61e29002f0305a9322a8af4eaaeb11c0732

phpMyAdmin (AllowArbitraryServer) Arbitrary File Read Vulnerability
https://www.vulnspy.com/en-phpmyadmin-load-data-local-file-read-local-file/phpmyadmin_(allowarbitraryserver)_arbitrary_file_read_vulnerability/

Rogue-MySql-Server/rogue_mysql_server.py at master · Gifts/Rogue-MySql-Server
https://github.com/Gifts/Rogue-MySql-Server/blob/master/rogue_mysql_server.py

CVE-2018-19968
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19968

CVE-2018-19968
https://nvd.nist.gov/vuln/detail/CVE-2018-19968

If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: January 29, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.