If you are running phpMyAdmin, and have recently performed an update, you might have a compromised version. In short, any version that was downloaded from the SourceForge Mirror site – cdnetworks-kr-1 and contains file – server_sync.php. probably contains a backdoor. As this vulnerability is classified as EXTREMELY CRITICAL, I would suggest you verify that no such file exists in your installed version.
http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php
Solution
Check your phpMyAdmin distribution and download it again from a trusted mirror if your copy contains a file named server_sync.php.
http://secunia.com/advisories/50703/
Secunia Advisory SA50703
phpMyAdmin Compromised Source Package Backdoor Security Issue
Secunia Advisory SA50703
Release Date 2012-09-25
Criticality level Extremely critical
Description
A security issue has been reported in phpMyAdmin, which can be exploited by malicious people to compromise a vulnerable system.
The security issue is caused due to the distribution of a compromised phpMyAdmin source code package containing a backdoor, which can be exploited to e.g. execute arbitrary PHP code.
The compromised source file was distributed via the “cdnetworks-kr-1” SourceForge mirror with the phpMyAdmin-3.5.2.2-all-languages.zip download.
Solution
Download and reinstall phpMyAdmin.
Provided and/or discovered by
The vendor credits Tencent Security Response Center.
Original Advisory
http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php