Explore top 10 tips to secure your open-source projects now. Read More
×
Gentoo reports phpMyAdmin vulnerability
Gentoo Linux recommends users upgrade to the latest version of phpMyAdmin to close a security hole in the Web-based MySQL administration tool's MIME-based transformation system. An attacker could use the vulnerability to remotely execute arbitrary commands if php's "safe mode" is disabled. "A defect was found in phpMyAdmin's MIME-based transformation system when used with external transformations," Gentoo's advisory said. "A remote attacker could exploit this vulnerability to execute arbitrary commands on the server with the rights of the HTTP server user." Enabling php safe mode ("safe_mode = On" in php.ini) may serve as a temporary workaround, but all users are advised to upgrade to the latest version.
The link for this article located at SearchSecurity.com is no longer available.