Hi all, Regs the PHP thing, if im not mistaken most of us are running
a) php-4.1.2-2 ( from pkgmaster or cobalt ) b) php-4.1.2-3 ( from pkgmaster ) **** The latest vulnerability affects **** 1) PHP versions 4.2.0 or 4.2.1 Overview A vulnerability has been discovered in PHP. This vulnerability could be used by a remote attacker to execute arbitrary code or crash PHP and/or the web server. - http://www.cert.org/advisories/CA-2002-21.html **** The old vulnerability affects **** 2) PHP v3.0.10-v3.0.18, v4.0.1-v4.1.1 Overview We found several flaws in the way PHP handles multipart/form-data POST requests. Each of the flaws could allow an attacker to execute arbitrary code on the victim's system. - http://security.e-matters.de/advisories/012002.html -------------------------------------------------------- Therefore, unless any of us have upgraded manually we are not at risk, or any more than usual anyways! ( Help me out here, Im new to this but I have done my homework and I think were ok? ) Tentatively MJM _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
