1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: phpMyAdmin Backdoor CVE-2012-5159

Attack: phpMyAdmin Backdoor CVE-2012-5159

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to access a backdoor located in phpMyAdmin.

Additional Information

phpMyAdmin is a web-based administration interface for MySQL databases; it is implemented in PHP.

phpMyAdmin is prone to a backdoor vulnerability. This issue occurs because of the distribution of compromised phpMyAdmin source code that contains a backdoor. Specifically, this issue affects the 'server_sync.php' script. The compromised source file is distributed through the 'cdnetworks-kr-1' SourceForge mirror.

Attackers can exploit this issue to execute arbitrary code in the context of the application. Successful attacks will compromise the affected application.

phpMyAdmin 3.5.2.2 is vulnerable; other versions may also be affected.

Affected

  • phpMyAdmin 3.5.2.2
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube