DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News
Reload this Page phpMyAdmin updates patch critical holes
FAQ Search Today's Posts Mark Forums Read

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 6th July 2011
J65nko J65nko is offline
Administrator
  
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 2,791
Thanked 182 Times in 149 Posts
Default phpMyAdmin updates patch critical holes
From http://www.h-online.com/security/new...s-1273593.html

Quote:
The phpMyAdmin developers have released versions 3.3.10.2 and 3.4.3.1 of their database administration tool; these are security updates that fix a total of four security holes. Rated as "highly critical" by Secunia, the vulnerabilities include a session manipulation bug in Swekey authentication that could be exploited to overwrite session variables, a possible code injection hole in the setup script and a regular expression quoting problem in Synchronize code.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #2   (View Single Post)  
Old 6th July 2011
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Old man from scene 24
  
Join Date: Apr 2008
Location: Eindhoven, Netherlands
Posts: 2,020
Thanked 198 Times in 156 Posts
Default
As a sidenote, phpmyadmin is one of the most "scanned" web applications according to my access_log 404 errors.
I *highly* recommend installing phpmyadmin in a directory not named phpmyadmin (or phpmyadmin-3.3.1 etc.).

In any case, Adminer does a lot better job. In particular, the UI isn't as cluttered as phpmyadmin (phpmyadmin looks like someone vomited buttons and icons, and then stirred them a bit because they looked to organized).
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Wireshark updates close security holes J65nko News 1 1st June 2011 10:15 PM
Wireshark updates close critical vulnerabilities J65nko News 0 2nd March 2011 04:32 PM
Ruby on Rails updates fix security holes J65nko News 0 10th February 2011 03:00 PM
phpMyAdmin updates close security vulnerability J65nko News 0 10th February 2011 02:58 PM
Mozilla addresses critical bugs with Firefox updates J65nko News 1 18th February 2010 04:27 PM


All times are GMT. The time now is 08:54 AM.

DaemonForums.org RSS Feeds - Contact Us - DaemonForums.org - Archive - Privacy Statement - Top

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick