GSR-IconBannerAd_v1d

Security Advisories

Trustwave Press Releases

« TWSL2012-012: Cross-Site Scripting Vulnerability in Support Incident Tracker | Main | TrustKeeper Scan Engine Update »

20 April 2012

Comments

The attacks against phpMyAdmin/scripts have been going on for some time now.

We first started noticing the attacks on February, 2012; but the actual start date could have been before that date.


174.143.145.198 - - [17/Feb/2012:11:23:35 -0600] "GET /phpMyAdmin/scripts/setup.inc.php HTTP/1.1" 403 3679 "-" "Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 5.1) Opera 7.01 [en]"

The source IP's of the attacks have varied a great deal.

Of note, some of the attacks for this particular issue have involved the IP source fluctuating within a range available from their ISP.

Thank you.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment