Il Tuesday 25 August 2009 22:55:45 hai scritto:
> I am unclear on how this would work. You say you are using the etch
> version. It asks for setup.php credentials and then installs the relevant
> Apache configuration to fence the setup.php off. This process works for
> me.
> Can you please detail
On Tue, August 25, 2009 15:58, Michele Bonera wrote:
> Il Tuesday 25 August 2009 14:12:01 Nico Golde ha scritto:
>
>
>> * Michele Bonera [2009-08-25 13:43]:
>>
>>> Package: phpmyadmin
>>> Version: 4:2.9.1.1-11
>>> Severity: grave
>>> Tags: security
>>> Justification: user security hole
>>>
>>>
>>>
Il Tuesday 25 August 2009 14:12:01 Nico Golde ha scritto:
> * Michele Bonera [2009-08-25 13:43]:
> > Package: phpmyadmin
> > Version: 4:2.9.1.1-11
> > Severity: grave
> > Tags: security
> > Justification: user security hole
> >
> > After install, you can access http://{host}/phpmyadmin/scripts/se
Hi,
* Michele Bonera [2009-08-25 13:43]:
> Package: phpmyadmin
> Version: 4:2.9.1.1-11
> Severity: grave
> Tags: security
> Justification: user security hole
>
> After install, you can access http://{host}/phpmyadmin/scripts/setup.php
> without entering any password.
> By adding a new host in th
Package: phpmyadmin
Version: 4:2.9.1.1-11
Severity: grave
Tags: security
Justification: user security hole
After install, you can access http://{host}/phpmyadmin/scripts/setup.php
without entering any password.
By adding a new host in the configuration, an attacker can submit malicius code
to ex
5 matches
Mail list logo
