On Thu, Mar 3, 2011 at 2:45 PM, Michal Čihař <ni...@debian.org> wrote: > Hi > > Dne Thu, 3 Mar 2011 12:56:35 +0100 > Bastien ROUCARIES <roucaries.bast...@gmail.com> napsal(a): > >> Package: phpmyadmin >> Version: 4:3.3.9.2-1 >> Severity: important >> Tags: security >> X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org >> >> >> phpmyadmin installed with avahi-daemon broadcast the phpmyadmin adress by >> installing a /etc/avahi/services
See recent thread on debian-devel avahi-daemon is pulled by default by gnome... > Right. If you don't want avahi-daemon to broadcast about installed > services, disable it or do not install it. > > Please can you tell me why this should be security issue? Because you broadcast information about my system and weather phpadmin is installed and where by default. It will help script kiddies... Bastien > > -- > Michal Čihař | http://cihar.com | http://blog.cihar.com > -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
