[imp] PHP security hole

Miroslav Pendev shadow@CPE0004761ac738-CM00109515bc65.cpe.net.cable.rogers.com
Tue, 23 Jul 2002 15:19:13 -0400

Previous message: [imp] PHP security hole
Next message: [imp] Address book problem in compose
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Quoting Mike Barsalou <mbarsalou@aidea.org>:
> 
> | You have specifically stated it affects PHP 4.2.0/4.2.1.  Is it safe to
> | assume it does not affect any PHP before that? (4.0.6, 4.1.2)
> 
> >From the PHP announcement page mentioned before:
>   The PHP Group has learned of a serious security vulnerability in PHP
>   versions 4.2.0 and 4.2.1.
> 
> Thus, the previous versions are not affected.
> 
> michael
> 

Not by this problem, but how about the little bit older fileupload problem:

http://www.cert.org/advisories/CA-2002-05.html

http://security.e-matters.de/advisories/012002.html


Be sure to patch your old PHP versions for old PHP vulnerabilities ;-)
Although, you may have that patch, already...

Cheers!

--Miro

Previous message: [imp] PHP security hole
Next message: [imp] Address book problem in compose
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]