|
News News regarding BSD and related. |
|
Thread Tools | Display Modes |
|
|||
Critical open hole in PHP creates risks
From http://h-online.com/-1567532
Quote:
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
||||
This is *only* when using PHP in CGI mode, which is pretty rare nowadays. If you're still using CGI, this is a good time to switch to FastCGI.
Also note it may be that only Apache is affected, from http://www.hiawatha-webserver.org/weblog/36 Quote:
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things. |
|
|||
Also see PHP patch quick but inadequate
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
For another update see PHP team makes another attempt to close critical CGI hole
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
TYPO3 developers warn of critical hole | J65nko | News | 0 | 20th December 2011 08:08 AM |
Opera 11.01 closes critical hole | J65nko | News | 0 | 27th January 2011 04:14 PM |
Adobe: hole closed, hole open | J65nko | News | 0 | 5th November 2010 06:50 PM |
Critical hole closed in Foxit Reader | J65nko | News | 0 | 10th August 2010 05:51 PM |
Firefox 3.6.3 closes a critical hole | J65nko | News | 0 | 2nd April 2010 05:52 PM |