Bug 860318 (CVE-2012-5159) - CVE-2012-5159 phpmyadmin: cdnetworks-kr-1 used to distribute modified archive of phpMyAdmin, containing a backdoor (PMASA-2012-5)
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2012-5159
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 860322
Reported: 2012-09-25 15:06 UTC by Jan Lieskovsky
Modified: 2021-02-04 00:51 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-11-23 16:55:40 UTC
Embargoed:



Description Jan Lieskovsky 2012-09-25 15:06:48 UTC
A security incident in phpMyAdmin archive distribution has been reported:
[1] http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php
[2] http://secunia.com/advisories/50703/

More from [1]:
"One of the SourceForge.net mirrors, namely cdnetworks-kr-1, was being used to distribute a modified archive of phpMyAdmin, which includes a backdoor. This backdoor is located in file server_sync.php and allows an attacker to remotely execute PHP code. Another file, js/cross_framing_protection.js, has also been modified."
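
A defender's check for the situation the advisory describes, as an added example that is not part of the bug report or of phpMyAdmin: it hashes every file in an installed or extracted tree, compares it against a reference tree, and marks the two paths named in PMASA-2012-5. It assumes you hold a reference copy extracted from an archive obtained from a source you trust; the function names and the sample trees (placeholder contents only) are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Paths named in the PMASA-2012-5 text quoted above.
ADVISORY_PATHS = {"server_sync.php", "js/cross_framing_protection.js"}

def tree_digests(root):
    """Map each file path (relative to root, '/'-separated) to its SHA-256."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}

def compare_trees(reference, suspect):
    """Return {path: reason} for every file that differs between the trees."""
    ref, sus = tree_digests(reference), tree_digests(suspect)
    findings = {}
    for path, digest in sus.items():
        if path not in ref:
            findings[path] = "not in reference"
        elif ref[path] != digest:
            findings[path] = "content differs"
    for path in ref.keys() - sus.keys():
        findings[path] = "missing from suspect"
    return findings

def named_in_advisory(findings):
    """Findings that fall on the two paths the advisory names."""
    return sorted(set(findings) & ADVISORY_PATHS)

def build_sample(root, files):
    """Write a constructed sample tree (placeholders, not real phpMyAdmin code)."""
    for rel, text in files.items():
        target = Path(root, rel)
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(text)

if __name__ == "__main__":
    clean = {"index.php": "placeholder A", "server_sync.php": "placeholder B",
             "js/cross_framing_protection.js": "placeholder C"}
    altered = {**clean, "server_sync.php": "placeholder B, altered",
               "js/cross_framing_protection.js": "placeholder C, altered"}
    with tempfile.TemporaryDirectory() as ref, tempfile.TemporaryDirectory() as sus:
        build_sample(ref, clean)
        build_sample(sus, altered)
        for path, why in sorted(compare_trees(ref, sus).items()):
            print(path, why, "(named in advisory)" if path in ADVISORY_PATHS else "")
```

Any finding means the tree does not match the reference, whether or not it falls on one of the two named paths.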

Comment 1 Jan Lieskovsky 2012-09-25 15:09:17 UTC
CVE request:
[3] http://www.openwall.com/lists/oss-security/2012/09/25/11

Comment 2 Jan Lieskovsky 2012-09-25 15:10:39 UTC
This issue did NOT affect the versions of the phpMyAdmin package, as shipped with Fedora releases 16 and 17.

--

This issue did NOT affect the versions of the phpMyAdmin package, as shipped with Fedora EPEL 5 and Fedora EPEL 6.

--

This issue did NOT affect the version of the phpMyAdmin package, as shipped with Fedora EPEL 5.

