© copyright 2002 by Marc Barrot.
|
|
|
|
|
Thursday, April 18, 2002 |
PHP Security Revisited
Catching up on Martin Heller's PHP Revisited column on Byte.com, I've just realised I am responsible for a site with public Internet exposure and PHP 4.1.1 for Windows.
Oops, this is a serious mistake: [27-Feb-2002] Due to a security issue found in all versions of PHP (including 3.x and 4.x), a new version of PHP has been released. Details about the security issue are available here. All users of PHP are strongly encouraged to either upgrade to PHP 4.1.2, or install the patch (available for PHP 3.0.18, 4.0.6 and 4.1.0/4.1.1).[PHP Security Update]
It doesn't take much digging into the advisory notice to realize these vulnerabilities in fileupload could allow an evil minded attacker to execute arbitrary code on a pre 4.2.2 PHP system.
10:14:10 AM Google It!
|
|
|
|
April 2002 |
Sun |
Mon |
Tue |
Wed |
Thu |
Fri |
Sat |
|
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
|
|
|
|
Mar May |
last updated: 10/21/02; 12:59:33 AM.
Currently subscribed to: Here's how this works.
|