21 Aug
2009
21 Aug
'09
11:24 p.m.
On Fri, 21 Aug 2009, Gregory P. Ennis wrote:
place. I looked like the hacker downloaded his paypal spoof files into a subdirectory of /var/www/phpmyadmin
I am running 5.3 with all current updates.
and third party software as well.
We do not ship phpmyadmin, and clearly and repeatedly caution against it in the IRC channel -- its CVE history is appalling, and people are just not willing to remove it, or limit it to just a specific IP (not that I expect its ACL model to work either)
-- Russ herrold