Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 31 Mar 2008 17:40:31 -0400 (EDT)
From: "Steven M. Christey" <>
To: Hanno Böck <>
        "Steven M. Christey" <>
Subject: Re: CVE request: phpmyadmin (PMASA-2008-2)

Name: CVE-2008-1567
Status: Candidate
Reference: MISC:
Reference: CONFIRM:
Reference: FRSIRT:ADV-2008-1037
Reference: URL:
Reference: SECUNIA:29613
Reference: URL:

phpMyAdmin before stores the (1) MySQL username, (2)
password, and the (2) Blowfish secret key in plaintext in the /tmp
Session file, which allows local users to obtain sensitive

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.