Michal Čihař - Check your phpMyAdmin installations

Check your phpMyAdmin installations

If you run some public phpMyAdmin installation, it's time to check for latest security updates. As it looks like these vulnerabilities are being widely exploited by some worm.

If you did not use phpMyAdmin setup script, or if you strictly followed documented way for generating config file, you are on safe side. However there seem to be enough people, who left writable config directory even after configuring phpMyAdmin and it allows growth of such worm.

PS: See also proof of concept for the exploit.

New Comment

You can not add new comments to old blog posts.