Multiple vulnerabilities in PHP 4/5

Expand Post »

View Entire Article & Overview

Hardened-PHP Project
www.hardened-php.net
-= Security Advisory =-

Advisory: Multiple vulnerabilities within PHP 4/5
Release Date: 2004/12/15
Last Modified: 2004/12/15
Author: Stefan Esser [sesser@php.net]

Application: PHP4 <= 4.3.9
PHP5 <= 5.0.2
Severity: Several vulnerabilities within PHP allow local and remote execution of arbitrary code

Risk: Critical
Vendor Status: Vendor has released bugfixed versions.
References: http://www.hardened-php.net/advisories/012004.txt

Similar Threads

French reveal multiple vulnerabilities in popular PBX software in Networking
Gentoo Linux PHP Security Advisory in Networking
Delete Multiple Rows in PHP in PHP
Basic PHP Includes in PHP
Multiple queries within one php file in PHP

Vinay

Reputation Points: 10

Solved Threads: 0

Light Poster

Offline

29 posts
since Oct 2004

Permalink

Dec 24th, 2004

Re: Multiple vulnerabilities in PHP 4/5

yep, very big news across PHP land. it especially makes forums such as phpBB, vBulletin, Invision, etc. vulnerable to attacks because of the loads of info ; or that might be the other vulnerability?

Gary King

Team Colleague

Reputation Points: 53

Solved Threads: 5

PHP/vBulletin Guru

Offline

360 posts
since Nov 2003

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.

Previous Thread in PHP Forum Timeline: Parse error:

Next Thread in PHP Forum Timeline: No Temporary Files

DaniWeb Message

Cancel Changes

User Name
Password