This bug seems still exploitable.
A friend of mine has PhpMyAdmin-4:3.1.2-1ubuntu0.1 running on Ubuntu 9.04 and got hacked today.
After some time i found the exploit.
It used this issue to break in: http://www.phpmyadmin.net/home_page/security/PMASA-2009-4.php
This bug seems still exploitable. 4:3.1.2- 1ubuntu0. 1 running on Ubuntu 9.04 and got hacked today. www.phpmyadmin. net/home_ page/security/ PMASA-2009- 4.php
A friend of mine has PhpMyAdmin-
After some time i found the exploit.
It used this issue to break in:
http://
The security update for the issue contains only this patch: phpmyadmin. svn.sourceforge .net/viewvc/ phpmyadmin/ branches/ MAINT_3_ 1_3/phpMyAdmin/ setup/lib/ ConfigFile. class.php? r1=12248& r2=12301& pathrev= 12342
http://
But NOT: phpmyadmin. svn.sourceforge .net/viewvc/ phpmyadmin/ trunk/phpMyAdmi n/setup/ lib/ConfigFile. class.php? r1=12342& r2=12341& pathrev= 12342
http://
A review of this issue is needed.
Cheers,
//richard