Patches slapped on serious PHP flaws, Security >>war

Discussion in 'other security issues & news' started by the mul, Dec 19, 2004.

Thread Status:
Not open for further replies.
  1. the mul
    Offline

    the mul Registered Member

    Two software updates have been released to fix critical flaws that could allow an attacker to compromise servers using PHP, a programming language for Web pages.

    The PHP Group, a software developer community, issued versions 4.3.10 and 5.0.3 of PHP this week to remedy the problems in the major versions of the Web page-processing program.

    "All users of PHP are strongly encouraged to upgrade to one of these releases as soon as possible," the group advised on its Web site.

    Arguably the most critical vulnerability is in a function used to compact data for storage. By exploiting the flaw, an attacker could take control of the Web server that runs a vulnerable version of the PHP: Hypertext Preprocessing (PHP), according to the Hardened-PHP group, which found the flaw.

    http://news.com.com/Patches slapped on serious PHP flaws/2100-1002_3-5496086.html?tag=nefd.top

    THE MUL
    Last edited: Dec 19, 2004
Thread Status:
Not open for further replies.