Another security problem..
Barbara Pennacchi
barbara.pennacchi at istc.cnr.it
Thu Oct 20 19:16:19 UTC 2005
On Thu, 20 Oct 2005 11:57:47 -0400 James Kosin wrote:
> On 19-Oct-05 at about 1:00pm my time, someone from IP 194.150.85.114
> accessed my web-server trying to access a file called
> main.php in the following places:
[snip]
> Of course, this attack fell on deaf ears on my server.... but, I'd
> like everyone to know since this is a security risk if they do have a
> PHP document configuring some of these administrative tasks open on
> the internet.

Looks like somebody trying to exploit vulnerabilities within all or some
versions of PhpMyAdmin. Happened to me too, but no cigar there either, as
I've told apache to grant access to that program only to 2 specific IP
addresses. And the idiot wasn't one of these :)

The best suggestion I could give is to limit by IP address the access to
that program, as said above, in httpd.conf or in some .htaccess (not sure
of that)... And check on the website of phpmyadmin whether they solved
this specific problem or not. (I'm about to go home)

I don't think this specific security problem is relevant to FedoraLegacy,
since it is not an RPM essential or present in the various RH/Fedora
versions catered by it.

Tomorrow I'll check deeper into that, to see whether it is a security
problem regarding instead one or more releases of PHP itself.

b.
--
+--------------------------------------------------------------------+
| Barbara Pennacchi barbara.pennacchi (at) istc.cnr.it |
| Consiglio Nazionale delle Ricerche |
| Istituto di Scienze e Tecnologie della Cognizione |
| Via S. Martino della Battaglia 44, 00185 Roma, Italia |
| http://www.istc.cnr.it/ |
+--------------------------------------------------------------------+
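
The IP-based restriction suggested in the message above, written out as an Apache configuration fragment. This is an added example, not part of the original post: the directory path and the two addresses (taken from the documentation ranges) are assumptions, and the `Require ip` branch is the Apache 2.4 equivalent of the 2.0/2.2 directives.

```apache
# Added example. The path and both addresses are placeholders (assumptions);
# substitute the real phpMyAdmin install directory and the admin hosts.
<Directory "/var/www/html/phpMyAdmin">
    # Apache 2.4: mod_authz_core is present, use Require.
    <IfModule mod_authz_core.c>
        Require ip 192.0.2.10 198.51.100.20
    </IfModule>

    # Apache 2.0/2.2: no mod_authz_core, use Order/Deny/Allow.
    <IfModule !mod_authz_core.c>
        # "deny,allow" evaluates Deny first, then Allow, so the
        # two listed hosts are the only exceptions to "Deny from all".
        Order deny,allow
        Deny from all
        Allow from 192.0.2.10 198.51.100.20
    </IfModule>
</Directory>
```

The same directives, without the `<Directory>` wrapper, work in a `.htaccess` file inside that directory only when the server's `AllowOverride` setting permits them (`Limit` for `Order`/`Allow`/`Deny`, `AuthConfig` for `Require`). Requests from any other address then receive a 403 and show up as such in the access log.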