Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60402
HistorySep 26, 2012 - 12:00 a.m.

phpMyAdmin 'server_sync.php'远程后门漏洞

2012-09-2600:00:00
Root
www.seebug.org
20

EPSS

0.911

Percentile

98.9%

JSON

BUGTRAQ ID: 55672
CVE ID: CVE-2012-5159

phpMyAdmin是一个用PHP编写的,可以通过web方式控制和操作MySQL数据库。

phpMyAdmin通过"cdnetworks-kr-1" SourceForge mirror系统分发的phpMyAdmin 3.5.2.2及其他版本源文件为phpMyAdmin-3.5.2.2-all-languages.zip,其中包含名为server_sync.php的木马,可允许远程攻击者通过调用eval()攻击执行任意命令。
0
phpMyAdmin 3.5.2.2
厂商补丁:

phpMyAdmin

phpMyAdmin已经为此发布了一个安全公告(PMASA-2012-5)以及相应补丁:

PMASA-2012-5:PMASA-2012-5

链接:http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php

Related

cvelist 1
prion 1
exploitdb 1
metasploit 1
openvas 1
phpmyadmin 1
nvd 1
d2 1
cve 1
debiancve 1
ubuntucve 1
nessus 1
cvelist
cvelist
CVE-2012-5159
2012-09-25 22:00:00
prion
prion
Design/Logic Flaw
2012-09-25 22:55:00
exploitdb
exploitdb
phpMyAdmin 3.5.2.2 - 'server_sync.php' Backdoor (Metasploit)
2012-10-10 00:00:00
metasploit
metasploit
phpMyAdmin 3.5.2.2 server_sync.php Backdoor
2012-09-25 15:47:53
openvas
openvas
phpMyAdmin 'server_sync.php' Backdoor Vulnerability
2012-09-26 00:00:00
phpmyadmin
phpmyadmin
One server from the SourceForge.net mirror system was distributing a phpMyAdmin kit containing a backdoor.
2012-09-25 00:00:00
nvd
nvd
CVE-2012-5159
2012-09-25 22:55:00
d2
d2
DSquare Exploit Pack: D2SEC_PMA_BACKDOOR
2012-09-25 22:55:00
cve
cve
CVE-2012-5159
2012-09-25 22:55:00
debiancve
debiancve
CVE-2012-5159
2012-09-25 22:55:00
ubuntucve
ubuntucve
CVE-2012-5159
2012-09-25 00:00:00
nessus
nessus
phpMyAdmin server_sync.php Backdoor (PMASA-2012-5)
2012-09-26 00:00:00

EPSS

0.911

Percentile

98.9%

JSON
Related for SSV:60402
cvelist1prion1exploitdb1metasploit1openvas1phpmyadmin1nvd1d21cve1debiancve1ubuntucve1nessus1