 Relationships |
|
| Anonymous | Login | 2024-04-19 17:12 CEST |
| Main | My View | View Issues |
| Viewing Issue Advanced Details [ Jump to Notes ] | [ View Simple ] [ Issue History ] [ Print ] | ||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||
| 0004857 | [phpmyadmin] upgrade | major | always | 2011-11-07 21:34 | 2011-11-09 09:09 | ||
| Reporter | bwalton | View Status | public | ||||
| Assigned To | bonivart | ||||||
| Priority | high | Resolution | fixed | Platform | |||
| Status | closed | OS | |||||
| Projection | none | OS Version | |||||
| ETA | none | Product Build | |||||
| Summary | 0004857: Exploit in the wild for phpmyadmin | ||||||
| Description |
Hi Peter, There is an in the wild exploit for phpmyadmin right now: http://www.phpmyadmin.net/home_page/security/PMASA-2011-10.php [^] http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php [^] Time for an upgrade (and likely a notice on users@/announce@?) Thanks -Ben |
||||||
| Steps To Reproduce | |||||||
| Additional Information |
From our local security team: "GET /phpmyadmin/index.php?session_to_unset=" followed by a few variables/values, and quite a bit of encoded attack code. That should tell you if you were attacked (but not if the attacks were successful). The attack will likely drop a backdoor on your system. Look for a subsequent successful connection to the backdoor to determine if you've been hacked. |
||||||
| Tags | No tags attached. | ||||||
| Attached Files | |||||||
|
|
|||||||
|
Relationships |
|
|
Notes |
|
|
(0009392) bonivart (developer) 2011-11-08 09:17 |
Luckily I had 3.4.5 sitting in experimental so I just uploaded it to unstable. |
| Copyright © 2000 - 2008 Mantis Group |  |
