Friday, October 15, 2004

Bug found in phpMyadmin

This is a notice to all my developer friends .

Users of the increasingly popular, open-source MySQL database may be at risk from remote attacks due to a bug in phpMyAdmin, a widely used Web-based MySQL administration tool.

On Wednesday the phpMyAdmin project warned of a bug in the way the tool's MIME-based transformation system handles "external" transformations. Attackers could exploit the hole to execute arbitrary commands on a Web server with the privileges of the server's user, the project said in a statement.

I too had used a lill of phpMyadmin (actually coppied conf files from the server already configured).

You can read more on the bug here along with the detials to download the patch here.


Post a Comment

<< Home