Re: [suse-security] Re: [suse-security-announce] SUSE Security Announcement: phpMyAdmin remote code execution (SUSE-SA:2005:066)

[Marcus Meissner <meissner@xxxxxxx>]

On Fri, Nov 18, 2005 at 06:40:36PM -0800, Scott Leighton wrote:
> On Friday 18 November 2005 5:35 am, Marcus Meissner wrote:
> > ___________________________________________________________________________
> >___
> >
> >                         SUSE Security Announcement
> >
> >         Package:                phpMyAdmin
> >         Announcement ID:        SUSE-SA:2005:066
> >         Date:                   Fri, 18 Nov 2005 11:00:00 +0000
> 
> 
>    Anyone else having a problem after this YOU update? I have three
> boxes, all of them started crapping out with the following error
> message when trying to access phpMyAdmin, 
> 
>   Fatal error: main(): Failed opening required 
> './' (include_path='.:/usr/share/php') 
> in /srv/www/htdocs/phpMyAdmin/libraries/grab_globals.lib.php on line 70
> 
>   That file, grab_gobals.lib.php is one that was changed by the 
> YOU update. Commenting out the 'require' on line 70 makes the
> error go away, but I'm sure that's not really the right  solution.

We have several reports of this.

We will try to get a fixed version out on Monday.

Ciao, Marcus

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here