BugTraq
Back to list
|
Post reply
about recent phpMyAdmin "vulnerabilities"
Aug 24 2007 12:02PM
Marc Delisle (Marc Delisle cegepsherbrooke qc ca)
Hi,
On 2007-08-10, an advisory was published:
http://www.securityfocus.com/bid/25268
I don't consider these exploits to be a threat at all, because an
attacker has to know in advance the victim's phpMyAdmin token, which is
generated with
md5(uniqid(rand(), true))
Marc Delisle
phpMyAdmin project
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
On 2007-08-10, an advisory was published:
http://www.securityfocus.com/bid/25268
I don't consider these exploits to be a threat at all, because an
attacker has to know in advance the victim's phpMyAdmin token, which is
generated with
md5(uniqid(rand(), true))
Marc Delisle
phpMyAdmin project
[ reply ]