oss-sec mailing list archives
Re: CVE Request - phpMyAdmin: PMASA-2012-5 incident
From: Marcus Meissner <meissner () suse de>
Date: Tue, 25 Sep 2012 17:07:07 +0200
On Tue, Sep 25, 2012 at 10:52:20AM -0400, Jan Lieskovsky wrote:
Hello Kurt, Steve, vendors, based on: [1] http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php [2] http://secunia.com/advisories/50703/ looks (more from [1]): "One server from the SourceForge.net mirror system was distributing a phpMyAdmin kit containing a backdoor, allowing remotely to execute arbitrary PHP code." Could you allocate a CVE id for this? (I think it's appropriate)
FWIW, it is possible that this mirror has distributed more backdoored software and not just phpMyAdmin. Ciao, Marcus
Current thread:
- CVE Request - phpMyAdmin: PMASA-2012-5 incident Jan Lieskovsky (Sep 25)
- Re: CVE Request - phpMyAdmin: PMASA-2012-5 incident Marcus Meissner (Sep 25)
- Re: CVE Request - phpMyAdmin: PMASA-2012-5 incident cve-assign (Sep 25)