[CentOS] httpd - mysql - paypal.com.tar - hacker

Rainer Duffner rainer at ultra-secure.de
Fri Aug 21 21:29:17 UTC 2009

Am 21.08.2009 um 23:24 schrieb R P Herrold:

> On Fri, 21 Aug 2009, Gregory P. Ennis wrote:
>> place.  I looked like the hacker downloaded his paypal spoof files  
>> into
>> a subdirectory of /var/www/phpmyadmin
>> I am running 5.3 with all current updates.
> and third party software as well.
> We do not ship phpmyadmin, and clearly and repeatedly caution
> against it in the IRC channel -- its CVE history is
> appalling, and people are just not willing to remove it, or
> limit it to just a specific IP (not that I expect its ACL
> model to work either)

Is there an alternative?
I do think that it's the Internet Explorer of OSS.
The General Public loves it, the admins hate it - but use it  
Because there's no alternative.


More information about the CentOS mailing list