21 Aug
2009
21 Aug
'09
11:29 p.m.
Am 21.08.2009 um 23:24 schrieb R P Herrold:
On Fri, 21 Aug 2009, Gregory P. Ennis wrote:
place. I looked like the hacker downloaded his paypal spoof files into a subdirectory of /var/www/phpmyadmin
I am running 5.3 with all current updates.
and third party software as well.
We do not ship phpmyadmin, and clearly and repeatedly caution against it in the IRC channel -- its CVE history is appalling, and people are just not willing to remove it, or limit it to just a specific IP (not that I expect its ACL model to work either)
Is there an alternative? I do think that it's the Internet Explorer of OSS. The General Public loves it, the admins hate it - but use it nevertheless.... Because there's no alternative.
Rainer