Vulnerability – Backdoor in phpMyAdmin | MALWARELIST.net

Vulnerability – Backdoor in phpMyAdmin

Posted: September 25, 2012 in Vulnerabilities
Tags: backdoor, phpMyAdmin, vulnerability

Backdoor in phpMyAdmin

Severity Rating: Critical
Number of vulnerabilities: 1
Impact: System Compromise
Affected products: phpMyAdmin 3.x
Affected versions: phpMyAdmin 3.5.2.2

Description:

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability is caused due to the presence of a backdoor in the source code phpMyAdmin-3.5.2.2-all-languages.zip (file server_sync.php), accessible through the mirror “cdnetworks-kr-1” SourceForge. A remote user can execute arbitrary PHP code on the target system.

Manufacturer URL: www.phpmyadmin.net

Solution: Install the latest version from the manufacturer.

links:

http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Google+ account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

MALWARELIST.net – Your Information Security Source

Security Solutions Deals

Follow Blog via Email

Top 5 Best Blog Posts

Categories

Find us on Facebook