Security Tips
Critical phpMyAdmin Vulnerabilities Discovered
A number of bloggers and web site owners use phpMyAdmin for easy database administration. Two critical vulnerabilities have been discovered that could be used to gain full access to the affected server.
Exploits have already been made publicly available, see GNUCITIZEN for an example:
http://172.16.211.10/phpMyAdmin-3.0.1.1//config/
config.inc.php?p=phpinfo();
Description
Setup script used to generate configuration can be fooled using a crafted POST [...]
Playing the double agent
BlogSec is kicking off its security tips for bloggers category. Its really exciting to share with our readers gems and pearls that many security professionals take for granted. enjoy!
We start off with, "the double agent" really clever title (as you will see) if I do say so myself :)
Without boring you to much, a user-agent [...]
