[imp] PHP security hole

Mike Barsalou mbarsalou@aidea.org
Tue, 23 Jul 2002 09:25:26 -0800


You have specifically stated it affects PHP 4.2.0/4.2.1.  Is it safe to
assume it does not affect any PHP before that? (4.0.6, 4.1.2)

Mike


Quoting michael:

Yes - this affects anyone using PHP 4.2.0/4.2.1.  It is a security hole in 
the uploading of information from the web browser to the server (e.g. 
uploading attachments in IMP, uploading files in Gollem).  Everyone should 
upgrade regardless (as with any security patch).

michael

______________________________________________
Michael Slusarz [slusarz@bigworm.colorado.edu]
The University of Colorado at Boulder
------------------------------