[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] What is ZmEu?

To: list@xxxxxxxxxxxxx
Subject: Re: [LUG] What is ZmEu?
From: Gordon Henderson <gordon+dcglug@xxxxxxxxxx>
Date: Fri, 21 Jan 2011 19:33:41 +0000 (GMT)
Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
Distribution: world

On Fri, 21 Jan 2011, Dan Dart wrote:

As long as you have a firewall, and you have no potentially dangerous
publically accessible files, like the ones referenced there (which you
don't by the looks of those 404s) you should be fine.

A firewall won't neccessarily block someone attacking phpMyAdmin likethis, nor will it stop someone taking control of your server if they dofind a vulnerable version of phpMyAdmin.

The attack vector allows them to upload and run code - under the user IDof the web server - but that can still be used to launch spam attacks,etc.


Gordon

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq

Follow-up: Re: [LUG] What is ZmEu?
- From: Dava

References:
- [LUG] What is ZmEu?
  - From: Dava
- Re: [LUG] What is ZmEu?
  - From: Dan Dart

Prev by Date: Re: [LUG] What is ZmEu?
Next by Date: Re: [LUG] What is ZmEu?
Previous by thread: Re: [LUG] What is ZmEu?
Next by thread: Re: [LUG] What is ZmEu?
Index(es):
- Date
- Thread