[imp] PHP Exploit

Barry Flanagan barryf-imp@digiserve.ie
Tue, 5 Mar 2002 16:26:12 +0000


On Tuesday 05 March 2002 16:18, you wrote:
> All,
>
> I am running PHP 3.0 w/ IMP 2.2.7/Horde 1.2.7.
> There is the newly found exploit in PHP regarding
> file uploads.  Now, I know that you can 'upload'
> files for attachments.  Does this mean that my
> server needs to be patched or was the exploit
> on just FORM="post" uploads?
>

Definately patch. Upgrade to IMP3 while you are about it ;-)

-- 

-Barry Flanagan