Tuesday, September 25, 2012

phpMyAdmin Compromised Source Package Backdoor Security Issue

A security issue has been reported in phpMyAdmin, which can be exploited by malicious people to compromise a vulnerable system. The security issue is caused due to the distribution of a compromised phpMyAdmin source code package containing a backdoor, which can be exploited to e.g. execute arbitrary PHP code.

Secunia ID
Release Date
25 Sep 2012
Criticality
Solution Status
Vendor Patch
Software
phpMyAdmin 3.x
Where
Impact
System access
This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.
Description
A security issue has been reported in phpMyAdmin, which can be exploited by malicious people to compromise a vulnerable system.
The security issue is caused due to the distribution of a compromised phpMyAdmin source code package containing a backdoor, which can be exploited to e.g. execute arbitrary PHP code.
The compromised source file was distributed via the "cdnetworks-kr-1" SourceForge mirror with the phpMyAdmin-3.5.2.2-all-languages.zip download.
Solution
Download and reinstall phpMyAdmin.
Reported by
The vendor credits Tencent Security Response Center.
Original Advisory

3 comments:

Anonymous said...

hi i like you blog please visit
http://www.vrditservices.com
Install Xine player in RHEL5

Anonymous said...

With Lloyd Security Energy Management services you can remotely adjust your lights and thermostats and set energy saving Smart Schedules™ to fit your lifestyle. Lloyd Security can help you stop wasting energy and start taking control of your energy bills.
Minnetonka home security

Shanthi Cabs said...

Impressive!Thanks for the post
Best Travel Agency in Madurai | Travels in Madurai
Madurai Travels | Best Travels in Madurai
Tours and Travels in Madurai | Best Tour Operators in Madurai