Welcome to the JaguarPC Community
JaguarPC
Sales: (888) 338-5261
Support: (888)-551-3050
Results 1 to 5 of 5

This is a discussion on phpMyAdmin 2.5.7pl1 is released (SECURITY HOLE!!!) in the Open Discussion & Chit-chat forum
MySQL 4.1 / 5.0 Note: phpMyAdmin's support for MySQL 4.1 / 5.0 is still experimental Fixes: invalid escaping of + in ENUM handling of GRANT...TO ...

  1. 07-02-2004, 12:34 PM #1
    Vin DSL
    Vin DSL is offline
    Yeah, I know a LOT! Vin DSL's Avatar
    Join Date
    Mar 2003
    Location
    Arizona Uplands
    Posts
    10,775

    Exclamation phpMyAdmin 2.5.7pl1 is released (SECURITY HOLE!!!)

    MySQL 4.1 / 5.0 Note:

    phpMyAdmin's support for MySQL 4.1 / 5.0 is still experimental

    Fixes:
    • invalid escaping of + in ENUM
    • handling of GRANT...TO
    • handling of floating point digits
    • better error detection when export fails
    • password error when copying a user
    • copying a user with table privileges
    • export: handling of multi-column foreign keys
    • new collation page latin1_spanish_ci
    • support for MySQL 4.1.2 (table type is called "engine")
    • (pl1) fixes vulnerability disclosed on BUGTRAQ on 2004-06-29

    This is phpMyAdmin 2.5.7, patch level 1, fixing the vulnerability dated 2004-06-29 released on BUGTRAQ. See Documentation.html, FAQ 8.2.

    We would like to put emphasis on the disappointment we feel when a bugreporter does not contact the authors of a software first, before posting any exploits.

    The common way to report this, is to give the developers a reasonable amount of time to respond to an exploit before it is made public.

    Download
    DISCLAIMER Any resemblance between the views expressed above and those of the owners and operators of this system is purely coincidental. Any resemblance between these views and my own are non-deterministic. The existence of Vin DSL is questionable. The existence of views in the absence of anyone to hold them is problematic. The existence of the reader is left as an exercise in the second-order coefficient.

    No Guts, No Story! VinDSL © 2010
    Reply With Quote Reply With Quote
  2. 07-02-2004, 07:03 PM #2
    TMOV
    TMOV is offline
    JPC Addict
    Join Date
    May 2004
    Location
    hovering locally
    Posts
    102

    CIVIL CONSIDERATION

    HELLO vin,
    I READ THE NEWS ON THE FRONT PAGE OF CCSP.
    YOUR COMPLAINT ABOUT THE LACK OF CONSIDERATION MAY BE DUE TO YOUR OWN LACK OF CONSIDERATION OF OTHERS.
    RESPECTFULLY.
    TMOV
    Reply With Quote Reply With Quote
  3. 07-02-2004, 07:47 PM #3
    JPC-Les
    JPC-Les is offline
    Wookiee JPC-Les's Avatar
    Join Date
    May 2002
    Location
    The Exogorths belly
    Posts
    1,265
    eh?
    (pm) | (email) Les, Chief Operations Officer

    Need a Manager?
    (pm) | (email) David, Customer Service Manager
    (pm) | (email) Masood, Chief Technical Officer

    Helpful Links
    Knowledge Base | Network Status | Current Specials
    Reply With Quote Reply With Quote
  4. 07-04-2004, 03:13 PM #4
    Vin DSL
    Vin DSL is offline
    Yeah, I know a LOT! Vin DSL's Avatar
    Join Date
    Mar 2003
    Location
    Arizona Uplands
    Posts
    10,775

    Re: CIVIL CONSIDERATION

    Originally posted by TMOV
    HELLO vin,
    I READ THE NEWS ON THE FRONT PAGE OF CCSP.
    YOUR COMPLAINT ABOUT THE LACK OF CONSIDERATION MAY BE DUE TO YOUR OWN LACK OF CONSIDERATION OF OTHERS.
    RESPECTFULLY.
    TMOV
    Huh? I'm long on consideration and short on solicitude, TMOV. I know this bothers some ppl; however, you can't please everyone. Love me or hate me, I am NOT perfect...

    As far as the 'complaint' is considered, I was merely parroting the words of the phpMyAdmin Dev Team. They are the ones complaining, not me. I am simply trying to inform ppl that hackers have found a huge security hole in phpMyAdmin. Do you judge that to be improper? I considered that to be a good thing.
    DISCLAIMER Any resemblance between the views expressed above and those of the owners and operators of this system is purely coincidental. Any resemblance between these views and my own are non-deterministic. The existence of Vin DSL is questionable. The existence of views in the absence of anyone to hold them is problematic. The existence of the reader is left as an exercise in the second-order coefficient.

    No Guts, No Story! VinDSL © 2010
    Reply With Quote Reply With Quote
  5. 07-04-2004, 08:14 PM #5
    Connie
    Connie is offline
    Old Hillbilly Connie's Avatar
    Join Date
    Sep 2001
    Location
    Hills of Missouri
    Posts
    2,646

    Re: Re: CIVIL CONSIDERATION

    [QUOTE]Originally posted by Vin DSL
    [B]Huh? I'm long on consideration and short on solicitude, TMOV. I know this bothers some ppl; however, you can't please everyone. Love me or hate me, I am NOT perfect...

    Glad you finally admitted that you were not perfect

    Hope your 4th is away from the fires and not one of destruction.

    Last edited by Connie; 07-04-2004 at 08:21 PM.

    Forum Moderators - Jag Staff

    Spam Whackers Blog - Dedicated to fighting Spam and providing General SEO Tips
    Organize your Kitchen or purchase Kitchen Accessories at Condells
    Ihelpyou Forum - Dedicated to "Best Practices" SEO
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules