PHP hole.

CSFM

Senior member
Oct 16, 2001
518
0
0
Ullrich and the PHP Web site recommend that Linux and Solaris Web sites using PHP upgrade their software to the latest version, 4.1.2, which solves the problem.... Ullrich believes the latter group may have had exploit code for as long as a month. agh hum!

Makes you wonder about how long they have known about this problem (surely more than 28 days) and not told anyone. Now they have a new version of their software out, they are letting people know about the flaws and telling them to upgrade to the newest ver$ion. Might be a conspiracy... LOL. ;)

Wouldn't mind finding a little more out about this though.

-CSFM-
 

CSFM

These may not be the same problem as the original one I linked, but I sure hope they are...

Sounds like the same problem.
Don't you think it's a bit strange that it has taken this long to notice the flaws?
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0


<< These may not be the same problem as the original one I linked, but I sure hope they are...

Sounds like the same problem.
Don't you think it's a bit strange that it has taken this long to notice the flaws?
>>



No. It depends on who discovered the flaw and if they reported it to the PHP guys.
 

CSFM

No. It depends on who discovered the flaw and if they reported it to the PHP guys.

I guess so. Who would be most at risk? The banks? Ecommerce? Or everyone?
 

n0cmonkey



<< No. It depends on who discovered the flaw and if they reported it to the PHP guys.

I guess so. Who would be most at risk? The banks? Ecommerce? Or everyone?
>>



I can't think of many BIG sites that use PHP, but anyone that uses PHP on Linux/Solaris seems to be affected. That would be *MOST* of the PHP sites out there (I'm sure most PHP sites run on Linux). And anyone that purchases things off these sites would be at risk I guess.

The reason I mentioned it is because plenty of people here like PHP and they may not keep up with security updates. I wasn't sure which forum to post it in, but OS seemed the most visited between OS, Networking, and Software... Off Topic would be fine, but not everyone goes there either.
 

CSFM

It makes you wonder though. Am I really safe to do my banking online... do I really want to put my C.C. number on this server, and so on. I have always kept a close eye on these things, but every time there is a major security problem, my confidence in online trading is shot again. The internet has a lot of potential which I think is never going to be utilised as long as these problems keep cropping up.
 

n0cmonkey



<< It makes you wonder though. Am I really safe to do my banking online... do I really want to put my C.C. number on this server, and so on. I have always kept a close eye on these things, but every time there is a major security problem, my confidence in online trading is shot again. The internet has a lot of potential which I think is never going to be utilised as long as these problems keep cropping up. >>



I hope it doesn't happen to you, but once you get your cc # taken once your confidence doesn't return quickly... I'm a security nut and I recently got my cc # stolen (almost bought some real nice stuff for someone in Romania too). Not fun at all. Luckily I noticed it in time...
 

CSFM

I hope it doesn't happen to you, but once you get your cc # taken once your confidence doesn't return quickly... I'm a security nut and I recently got my cc # stolen (almost bought some real nice stuff for someone in Romania too). Not fun at all. Luckily I noticed it in time...
That's not very nice!
But that's the sort of thing I am talking about. I do very little purchasing with my C.C. on line. But I do all my banking on line and I wonder just how secure it really is sometimes...Meanwhile the banks are sitting back, closing branches and rolling in our money... LOL
 

n0cmonkey

I don't do banking over the net. And right now, I barely do anything with my cc over the net.
 

CSFM

I don't do banking over the net. And right now, I barely do anything with my cc over the net.

It's times like these that make me wonder if I should keep my internet banking...

Not paranoid though..... was that something in the bushes? LOL :p