Michael Brooks discovered that phpMyAdmin, a tool to administer MySQL over the web, performs insufficient input sanitising, allowing a user-assisted remote attacker to execute code on the webserver.
For the stable distribution (etch), this problem has been fixed in version 2.9.1.1-10.
For the testing distribution (lenny) and unstable distribution (sid), this problem has been fixed in version 2.11.8.1-5.
We recommend that you upgrade your phpmyadmin package.
MD5 checksums of the listed files are available in the original advisory.