If you run some public phpMyAdmin installation, it's time to check for
latest security updates. As it looks like these vulnerabilities are
being widely exploited by some worm.
If you did not use phpMyAdmin setup script, or if you strictly followed
documented way for generating config file, you are on safe side. However there
seem to be enough people, who left writable config directory even after
configuring phpMyAdmin and it allows growth of such worm.
PS: See also proof of concept for the exploit.
Due to excessive spam, new comments are disabled. If you have some feedback on
this post, please send me email or
followup on Twitter or Facebook.