'Re: [oss-security] CVE-2008-5621 is a duplicate (was: Re: [oss-security]'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE-2008-5621 is a duplicate (was: Re: [oss-security]
From:       "Steven M. Christey" <coley () linus ! mitre ! org>
Date:       2009-03-20 0:09:49
Message-ID: Pine.GSO.4.51.0903192009040.13013 () faron ! mitre ! org
[Download RAW message or body]


On Thu, 12 Feb 2009, Thijs Kinkhorst wrote:

> I propose that CVE-2008-5622 gets marked as a duplicate of CVE-2008-5621
> or rejected.

Agreed.  CVE-2008-5621 is preserved.

- Steve


======================================================
Name: CVE-2008-5621
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5621
Reference: MILW0RM:7382
Reference: URL:http://www.milw0rm.com/exploits/7382
Reference: CONFIRM:http://www.phpmyadmin.net/home_page/security/PMASA-2008-10.php
Reference: DEBIAN:DSA-1723
Reference: URL:http://www.debian.org/security/2009/dsa-1723
Reference: FEDORA:FEDORA-2008-11221
Reference: URL:https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00784.html
Reference: FEDORA:FEDORA-2008-11221
Reference: URL:https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00784.html
Reference: SUSE:SUSE-SR:2009:003
Reference: URL:http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html
Reference: BID:32720
Reference: URL:http://www.securityfocus.com/bid/32720
Reference: VUPEN:ADV-2008-3402
Reference: URL:http://www.frsirt.com/english/advisories/2008/3402
Reference: SECUNIA:33076
Reference: URL:http://secunia.com/advisories/33076
Reference: SECUNIA:33146
Reference: URL:http://secunia.com/advisories/33146
Reference: SECUNIA:33912
Reference: URL:http://secunia.com/advisories/33912
Reference: SECUNIA:33822
Reference: URL:http://secunia.com/advisories/33822
Reference: SREASON:4753
Reference: URL:http://securityreason.com/securityalert/4753
Reference: XF:phpmyadmin-tblstructure-csrf(47168)
Reference: URL:http://xforce.iss.net/xforce/xfdb/47168

Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x
before 2.11.9.4 and 3.x before 3.1.1.0 allows remote attackers to
perform unauthorized actions as the administrator via a link or IMG
tag to tbl_structure.php with a modified table parameter.  NOTE: other
unspecified pages are also reachable, but they have the same root
cause.  NOTE: this can be leveraged to conduct SQL injection attacks
and execute arbitrary code.


======================================================
Name: CVE-2008-5622
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5622

** REJECT **

DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2008-5621.  Reason:
This candidate is a duplicate of CVE-2008-5621.  Notes: All CVE users
should reference CVE-2008-5621 instead of this candidate.  All
references and descriptions in this candidate have been removed to
prevent accidental usage.


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic