A security issue has been reported in phpMyAdmin, which can be exploited by malicious people to compromise a vulnerable system. The security issue is caused due to the distribution of a compromised phpMyAdmin source code package containing a backdoor, which can be exploited to e.g. execute arbitrary PHP code.

One of the SourceForge.net mirrors, namely cdnetworks-kr-1, was being used to distribute a modified archive of phpMyAdmin, which includes a backdoor. This backdoor is located in file server_sync.php and allows an attacker to remotely execute PHP code. Another file, js/cross_framing_protection.js, has also been modified.

SourceForge.Net is the world's largest open source software development website. A very large impact on the domestic users with this incident. The vulnerability has been cataloged as being a critical one.

A screenshot as shown of a system containing a malicious backdoor that was snuck into the open-source phpMyAdmin package.

On official website in issue "PMASA-2012-5" developers said "We currently know only about phpMyAdmin-3.5.2.2-all-languages.zip being affected,".

It's not the first time a widely used open-source project has been hit by a breach affecting the security of its many downstream users. In June of last year, WordPress required all account holders on WordPress.org to change their passwords following the discovery that hackers contaminated it with malicious software.


Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.