'Re: [oss-security] Re: CVE for Wordpress plugin Portable-phpmyadmin'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Re: CVE for Wordpress plugin Portable-phpmyadmin
From:       Kurt Seifried <kseifried () redhat ! com>
Date:       2013-10-24 1:30:33
Message-ID: 52687839.4000105 () redhat ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/22/2013 09:00 PM, Anant Shrivastava wrote:
> Exactly, You request the proper url and it lets you in as well as
> let you perform all database level operations available on that
> specific file. some sample screenshots should clear the issue
> (attached for reference). [while phpmyadmin requires a valid userid
> and password for mysql db these credentials are pulled from
> wp-config.php (wordpress config fle) file directly in this plugin]
> 
> Besides these two, there are a large number of full path disclosure
> on the whole project also however as wordpress itself doesn't
> consider that as a security issue rather mark it as a configuration
> issue 
> (http://codex.wordpress.org/Security_FAQ#Why_are_there_path_disclosures_when_directly_loading_certain_files.3F)
>  Hence those are not reported.
> 
> 
> Anant Shrivastava GWAPT | CEH | RHCE Mob : 91-9880166033 E-mail :
> anant@anantshri.info <mailto:anant@anantshri.info> Web :
> http://anantshri.info

Please use CVE-2013-4462 for the auth bypass portion of these
vulnerabilitties.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iQIcBAEBAgAGBQJSaHg5AAoJEBYNRVNeJnmTQksP/2NlMC93l36a3Oe/ymjuXWcz
7dwAleXexfiLpAAANOtyT6c2G5yZSgAzUp3A2W6My2JgQE1i5gtgIBcpuegggXlE
lhuQaZN0Xg/2aLsB8VV1lNRfmr+t+/4MzdMxfJ+ssuTCPi/o/5V/kQy5pKJMUjP7
lh1O+OfjFqtdk5q23elS5hvd6IQFIF+zv7H6s3UAiydcN5FYIbzVikVJdKwX0ldW
SuU3JLOsuVbfiqdjcP34ao56PP7Oc3kDNTduD6s9QO85/yGmKjP9JzEKjWGLvl9+
4GRliHW1hAYC3f177hfrgf0umWpyesA64i7FbfRCNoGONyEDOR8ow7/t5cIg0lkY
ZaLkBAMPXQrxxoDeGOUXNgL1YJv8iZfHTNi6FuapaZ2CWOetu1SmBft2aSUoeXAx
nM4iOpWJ6aZOzAgCgU8Axcn6BjIHZb1K4+QTbt5kVrHa3L8ByjwhyzIqUc/Jq3d4
G4GvnXlA60UnpcTFb+ju1fFVwI/Mnr5GmR8ef0/+blLUGsB+gp1VR+2Xo7JlRONQ
Gy93p6VCsTuFwT9jNIz0dvsV0xs8xGhaEIkuIq5DL0n6TGyDw9B/VLygEAy322X2
Eaa/4AB/epPwtBEh3acS7Xn+l2VCg3S+cQsRxhMPj8JhqEM0sUuI9lNYZzUXSBqO
Y66NUitSzjzNWAZ2XxFf
=epl0
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic