Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[REDHAT] Heads up: PHP exploit (fwd)



-------------------------------------------------------------------
DDDD   David Kramer                           http://thekramers.net
DK KD  "That venture capitalists are willing to take any level of
DKK D  risk, even a modest one, after all that has happened in the
DK KD  ecommerce sector, is inspiring.  They might almost be
DDDD   capable of becoming Red Sox fans"               -Keith Regan

---------- Forwarded message ----------
this one hasn't even hit Bugtraq yet.  I got wind of it via 
departmental mail from someone who follows the snort-sigs list.

There is a PHP problem afoot which affects POST operations in all 
versions of PHP prior to 4.1.2.  Go here for details:

http://security.e-matters.de/advisories/012002.html

And here for the fix:

http://www.php.net

I've already patched my production boxes, but there's no help yet for 
rpm'ers, far as I know.  'file_uploads = Off' in php.ini, if you can't 
upgrade.

Hope this helps someone. -d

-- 






BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org