Two vulnerabilities were found in phpMyAdmin, that may allow command execution and file disclosure.
We received a security advisory from Nicolas Gregoire (exaprobe.com) about those vulnerabilities and we wish to thank him for his work. Both vulnerabilites can be exploited only on a web server where PHP safe mode is off. The vulnerabilities apply to those points:
As any of those vulnerabilites can be used for command execution or file disclosure, we consider them to be serious (on servers where PHP safe mode is off).
Command execution problem: since phpMyAdmin 2.6.0-pl2. File disclosure problem: vulnerable since at least version 2.4.0.
CVS HEAD has been fixed. The 2.6.1-rc1 release.
We strongly advise everyone to upgrade to version 2.6.1 when released. Meanwhile, setting PHP safe mode to on avoids those problems. If not feasible, you should deactivate MIME-based external transformations and the UploadDir mecanism.
Assigned CVE ids: CVE-2004-1148
For further information and in case of questions, please contact the phpMyAdmin team. Our website is phpmyadmin.net.