Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: phpmyadmin compromised?

From: nauty.me04 () gmail com
Date: Mon, 19 Nov 2012 16:58:32 +0000
Not a compromise.Please check the encoding. Refrsh the page again and it should work

Regards
Aditya Balapure
Sent on my BlackBerry® from Vodafone

-----Original Message-----
From: Lucio Crusca <lucio () sulweb org>
Sender: full-disclosure-bounces () lists grok org uk
Date: Mon, 19 Nov 2012 17:45:56 
To: <full-disclosure () lists grok org uk>
Subject: [Full-disclosure] phpmyadmin compromised?

Hello *,

I've setup my browser to remember login & password at my server phpmyadmin 
login page. It usually fills the two fields correctly, but today it showed 
this crap instead:

http://img208.imagevenue.com/img.php?image=38933_php_myadmin_compromised_122_430lo.jpg

Since I've already suffered a security breach through phpmyadmin in the 
past, I immediately suspected another one. Please note that phpmyadmin is 
shielded by http digest authentication since the previous accident.

Are you aware of any security problems related to phpmyadmin (or to 
Iceweasel 10 for that matter) that can cause such garbage on the login page?

Thanks in advance
Lucio.




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: