Re: Multiple Vulnerabilities in PHP fileupload
From: Peter Pentchev (roam@ringlet.net)
Date: 02/28/02
- Next message: Nevermind: "mod_ssl Buffer Overflow"
- Previous message: Heriyadi: "(no subject)"
- In reply to: Oliver Rompcik: "Multiple Vulnerabilities in PHP fileupload"
- Next in thread: Jeff: "Re: Multiple Vulnerabilities in PHP fileupload"
- Reply: Jeff: "Re: Multiple Vulnerabilities in PHP fileupload"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 28 Feb 2002 17:35:13 +0200 From: Peter Pentchev <roam@ringlet.net> To: Oliver Rompcik <rompcik@informatik.uni-bonn.de>
On Thu, Feb 28, 2002 at 03:55:49PM +0100, Oliver Rompcik wrote:
> CERT reported several vulnerabilities in all PHP Versions <= 4.1.1.
> See advisory at http://www.cert.org/advisories/CA-2002-05.html
>
> Fixed version of PHP 4.1.2 is available at http://www.php.net.
> Until fixed FreeBSD binary package is available, users should build 4.1.2
> from source.
..or from the www/mod_php port, which was updated to include a fix for
this vulnerability 17 hours ago, at Wed Feb 27 22:17:22 2002 UTC.
G'luck,
Peter
-- Peter Pentchev roam@ringlet.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 When you are not looking at it, this sentence is in Spanish.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- application/pgp-signature attachment: stored
- Next message: Nevermind: "mod_ssl Buffer Overflow"
- Previous message: Heriyadi: "(no subject)"
- In reply to: Oliver Rompcik: "Multiple Vulnerabilities in PHP fileupload"
- Next in thread: Jeff: "Re: Multiple Vulnerabilities in PHP fileupload"
- Reply: Jeff: "Re: Multiple Vulnerabilities in PHP fileupload"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
