Backdoor in phpMyAdmin

Posted: September 25, 2012 in Vulnerability News

A backdoor has been found in the latest version of phpMyAdmin distributed on SourceForge.net.

The phpMyAdmin site has published a report that the latest version of the SQL client phpMyAdmin, as distributed through SourceForge.net, contains a backdoor.

Until recently, the cdnetworks-kr-1 mirror at SourceForge.net was distributing a modified version of the client. The modified package contains a backdoor file, server_sync.php, as well as changes to the file js/cross_framing_protection.js. The backdoor allows an attacker to remotely execute arbitrary PHP code.

At the time of publication, the only package the vendor knew to be compromised was phpMyAdmin-3.5.2.2-all-languages.zip.

To check whether your copy of phpMyAdmin contains the backdoor, look for the file server_sync.php in the application. If you are using a compromised version, the vendor recommends that you delete it and download it again from a trusted repository.
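The check described above can be run across a whole web root. The script below is an added example, not code from the phpMyAdmin project or the original post. It assumes a phpMyAdmin tree can be recognised by js/cross_framing_protection.js; the function names and the script name check_pma.sh are hypothetical.

```shell
#!/bin/sh
# Added example: locate phpMyAdmin trees and flag any that contain
# server_sync.php, the backdoor file named in the article.

# find_pma_roots DIR
# Prints one candidate phpMyAdmin root per line.
# Assumption: a tree is recognised by js/cross_framing_protection.js,
# the other file the article mentions; the root is two levels above it.
find_pma_roots() {
    find "$1" -type f -path '*/js/cross_framing_protection.js' 2>/dev/null |
    while IFS= read -r pma_marker; do
        dirname "$(dirname "$pma_marker")"
    done
}

# check_pma_backdoor DIR
# Prints "SUSPECT <root>" or "OK <root>" for every tree found under DIR.
# Returns 1 if at least one tree contains server_sync.php, otherwise 0.
check_pma_backdoor() {
    pma_report=$(
        find_pma_roots "$1" | while IFS= read -r pma_root; do
            # Search the whole tree, not only its top level.
            if [ -n "$(find "$pma_root" -type f -name server_sync.php 2>/dev/null)" ]; then
                printf 'SUSPECT %s\n' "$pma_root"
            else
                printf 'OK %s\n' "$pma_root"
            fi
        done
    )
    if [ -n "$pma_report" ]; then
        printf '%s\n' "$pma_report"
    fi
    if printf '%s\n' "$pma_report" | grep -q '^SUSPECT '; then
        return 1
    fi
    return 0
}

# Usage: sh check_pma.sh /var/www   (the path is a placeholder)
if [ "$#" -gt 0 ]; then
    check_pma_backdoor "$1"
fi
```

A SUSPECT line means that tree should be deleted and replaced with a fresh download from a trusted repository, as the vendor recommends.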

It is currently unknown when the malicious file was added to the distribution or how many users downloaded and installed it.

The vendor thanks the Tencent Security Response Center for detecting the backdoor. A detailed description of the vulnerability can be found here
