Vulnerabilities Found in PHP

Forum Moderators: coopster

Message Too Old, No Replies

Vulnerabilities Found in PHP

Version 4.1.2 needs to be installed

cyril kearney

3:49 pm on Mar 5, 2002 (gmt 0)

A new version, now available of PHP should be installed to overcome a security hole.

Here's an explaination of the problem and the solution.

gethan

4:25 pm on Mar 5, 2002 (gmt 0)

[theregister.co.uk...]

I don't know if it's the one you were thinking of Cyril but anyways there is a link with more info.

Basically if you are running PHP <4.1.2 with File uploads via multipart forms enabled (default) then your vulnerable.

cyril kearney

8:22 pm on Mar 5, 2002 (gmt 0)

Thanks gethan for that url explaining the PHP problem.

Here is the url I meant to post

[esecurityplanet.com...]

EliteWeb

8:32 pm on Mar 5, 2002 (gmt 0)

heh just have yer admin or yourself update it asap. anyone can exploit it :)

bird

10:19 pm on Mar 5, 2002 (gmt 0)

You know you have chosen the right hosting provider when you read such a warning after reading their notification that they just updated their 700+ servers to fix the problem... ;)

bill

12:55 am on Mar 6, 2002 (gmt 0)

eek...is there a Windows binary out yet? I only saw 4.1.1 available.

bill

2:00 am on Mar 28, 2002 (gmt 0)

The 4.1.2 Windows Binaries are available [php.net] now...