phpMyAdmin vulnerabilities and scanning

June 25, 2009 by Mark Kraitchman

John Ives from the campus SNS (System & Network Security) wrote:

“Everyone,

As many of you may be aware, web-based management tools, whether they are used to manage database backends, web content or anything else, are frequently the targets of attacks by would-be hackers. In both March and April, phpMyAdmin, a tool for managing MySQL servers via the web, released patches for issues that would allow users to execute arbitrary PHP code on the server. In the last couple of days, System and Network Security has seen a marked increase in the number of attackers who have been scanning for these vulnerabilities across campus. This increase also coincides with an increase in phpMyAdmin scanning that has been reported from other sources, like the Internet Storm Center.

If your system runs phpMyAdmin and you have not already applied the March and April patches (see the reference section below), I would urge you to do so as soon as possible.

Yours,

John Ives

References:

phpMyAdmin Homepage:

April Patch:

March Patch:
