phpMyAdmin Upgrade: Security Flaw

[Eric Pretorious]

1. At the bottom of the phpMyAdmin homepage there's a warning:
   
   

   A newer version of phpMyAdmin is available and you should consider upgrading. The newest version is 4.0.0, released on 2013-05-03.

2. In Volume 13, Number 19 of the @RISK: The Consensus Security Vulnerability Alert, SANS has issued an alert...
   
   

   ID: CVE-2013-3238
   Title: phpMyAdmin preg_replace() Input Validation Error Script
   Execution Vulnerability
   Vendor: phpMyAdmin
   Description: phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a preg_replace function call within the "Replace table prefix" feature.
   CVSS v2 Base Score: 6.0 (AV:N/AC:M/Au:S/C/I/A)

From the most recent rpt_cl_report_for_admin__:

Parallels Panel version psa v11.0.9_build110120608.16 os_CentOS 6

Has the Plesk community already been notified of this vulnerability? Has this vulnerability already been addressed? How/When will phpMyAdmin be upgraded?

 

[EricVis]

parallels, any update - sounds serious?