AOH :: HP Unsorted A :: TB12282.HTM

about recent phpMyAdmin "vulnerabilities"



about recent phpMyAdmin "vulnerabilities"
about recent phpMyAdmin "vulnerabilities"



Hi,
On 2007-08-10, an advisory was published:

http://www.securityfocus.com/bid/25268 

I don't consider these exploits to be a threat at all, because an 
attacker has to know in advance the victim's phpMyAdmin token, which is 
generated with

md5(uniqid(rand(), true))

Marc Delisle
phpMyAdmin project

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.