mailing list archives
Re: CVE Request - phpMyAdmin: PMASA-2012-5 incident
From: Marcus Meissner <meissner () suse de>
Date: Tue, 25 Sep 2012 17:07:07 +0200
On Tue, Sep 25, 2012 at 10:52:20AM -0400, Jan Lieskovsky wrote:
Hello Kurt, Steve, vendors,
looks (more from ): "One server from the SourceForge.net mirror
system was distributing a phpMyAdmin kit containing a backdoor,
allowing remotely to execute arbitrary PHP code."
Could you allocate a CVE id for this? (I think it's appropriate)
FWIW, it is possible that this mirror has distributed more backdoored
software and not just phpMyAdmin.