[kronolith] [PhpInclude.Worm - was formerly the Santy.e worm]

Larry Honig l at hdex.com
Tue Dec 28 08:41:56 PST 2004


Sorry if you misinterpret my question. I certainly am not trying to FUD this
list. Also I am highly pro Linux! Howver this does not seem to be a Linux
versus M$ issue at all - if you read the various reports (like on secunia.org,
hardly an anti-Linux platform) it seems to affect all php apps, whether on
LAMP, M$, Sun or any other platform. Let's keep the flame wars off this list -
but in no way do I mean to attack Linux or opensource stuff at all! This is a
legit question (re: vulnerability) and it seems to me like it ought to be
possible to ask for information about it. Maybe Horde is not vulnerable - that
would be worth knowing, too, right?

/Larry Honig



Quoting Jan Schneider <jan at horde.org>:

> Zitat von Larry Honig <l at hdex.com>:
>
>> Are Horde users vulnerable? Seems like we are, since include() and
>> require() are
>> frequently used in all the code I've looked at. One of many links here
>> http://ployer.com/archives/2004/12/bad_santye_rena.php
>
> Stop spreading fud. Do your homework before assuming anything. Do you
> consider Linux vulnerable to all virii because it uses "rm" in some places?
>
> Jan.
>
> -- Do you need professional PHP or Horde consulting?
> http://horde.org/consulting/
> -- Kronolith mailing list - Join the hunt: 
> http://horde.org/bounties/#kronolith
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: kronolith-unsubscribe at lists.horde.org
>
>




More information about the kronolith mailing list