Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact us.

Post New Thread Reply

Register GFY Rules Calendar
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >
Security Alert Security Alert
Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed.

 
Thread Tools
Old 10-11-2005, 09:14 AM   #1
ServerGenius
Confirmed User
 
Join Date: Feb 2002
Location: Amsterdam
Posts: 9,377
Security Alert
Hello everybody,

phpmyadmin-2.6.4-pl1.pl and all previous version contain a security hole.

Due to an error in grab_globals.lib.php it's possible to execute the command
'subform[][redirect]' in any form to see the contents of files outside the webroot.

I suggest to upgrade this as soon as possible as this is a quite serious
security hole.

See Sig!
__________________
| http://www.sinnerscash.com/ | ICQ: 370820 | Skype: SinnersCash | AdultWhosWho |
ServerGenius is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-11-2005, 09:17 AM   #2
DutchTeenCash
I like Dutch Girls
 
DutchTeenCash's Avatar
 
Join Date: Feb 2003
Location: dutchteencash.com
Posts: 21,684
asuming ppl leave phpmyadmin readable for everyone on a server?
DutchTeenCash is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-11-2005, 09:20 AM   #3
ServerGenius
Confirmed User
 
Join Date: Feb 2002
Location: Amsterdam
Posts: 9,377
Quote:
Originally Posted by thinkx
asuming ppl leave phpmyadmin readable for everyone on a server?
or use weak password protection to protect their phpMyadmin....to exploit
this security you need to have access to phpMyAdmin.
__________________
| http://www.sinnerscash.com/ | ICQ: 370820 | Skype: SinnersCash | AdultWhosWho |
ServerGenius is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-11-2005, 10:55 AM   #4
ServerGenius
Confirmed User
 
Join Date: Feb 2002
Location: Amsterdam
Posts: 9,377
security bump
__________________
| http://www.sinnerscash.com/ | ICQ: 370820 | Skype: SinnersCash | AdultWhosWho |
ServerGenius is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-11-2005, 02:31 PM   #5
ServerGenius
Confirmed User
 
Join Date: Feb 2002
Location: Amsterdam
Posts: 9,377
bump for the nightcrew
__________________
| http://www.sinnerscash.com/ | ICQ: 370820 | Skype: SinnersCash | AdultWhosWho |
ServerGenius is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Post New Thread Reply
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >
Security Alert Security Alert
« Previous Thread | Next Thread »

Bookmarks



Advertising inquiries - marketing at gfy dot com

Contact Admin - Advertise - GFY Rules - Top

©2000-, AI Media Network Inc



Powered by vBulletin
Copyright © 2000- Jelsoft Enterprises Limited.