[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Fri, 21 Jan 2011, Dan Dart wrote:
As long as you have a firewall, and you have no potentially dangerous publically accessible files, like the ones referenced there (which you don't by the looks of those 404s) you should be fine.
A firewall won't neccessarily block someone attacking phpMyAdmin like this, nor will it stop someone taking control of your server if they do find a vulnerable version of phpMyAdmin.
The attack vector allows them to upload and run code - under the user ID of the web server - but that can still be used to launch spam attacks, etc.
Gordon -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq