4play
12-17-2004, 05:31 PM
The Hardened-PHP Project (http://www.hardened-php.net/) has announced (http://www.hardened-php.net/advisories/012004.txt)
several serious and according to them, easy-to-exploit vulnerabilities
within PHP. A flaw within the function unserialize() is rated as very
critical for millions of PHP servers, because it is exposed to remote
attackers through lots of very popular webapplications. The list
includes forum software like phpBB2, WBB2, Invision Board and
vBulletin. It is time to upgrade (http://www.php.net/downloads.php) now."
source (http://developers.slashdot.org/article.pl?sid=04/12/17/1641212&tid=169&tid=172)
several serious and according to them, easy-to-exploit vulnerabilities
within PHP. A flaw within the function unserialize() is rated as very
critical for millions of PHP servers, because it is exposed to remote
attackers through lots of very popular webapplications. The list
includes forum software like phpBB2, WBB2, Invision Board and
vBulletin. It is time to upgrade (http://www.php.net/downloads.php) now."
source (http://developers.slashdot.org/article.pl?sid=04/12/17/1641212&tid=169&tid=172)