Please don't jump to conclusions.
It might very well be that centos patched the "old" PHP version a long
time ago. I doubt the owncloud installation routine actually checks for
the vulnerability. It probably only checks for the PHP version number
and certainly has no knowledge of any given distribution's patch history.
BTW, CVE-2006-7243 is from 2006, not 2010.
Kind regards,
E.R.
On 09/30/2013 03:25 PM, Adrian Sevcenco wrote:
Hi! i just installed the owncloud on an updated centos 6.4 and i have
this warning:
"Your PHP version is vulnerable to the NULL Byte attack (CVE-2006-7243)
Please update your PHP installation to use ownCloud securely."
given that the bug is from 2010 and i have an updated system, is the
warning valid?
Thanks!
Adrian
_______________________________________________
Owncloud mailing list
[email protected]
https://mail.kde.org/mailman/listinfo/owncloud
!DSPAM:52497c0f128225655088695!
--
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Erwin Rennert, IT Services
Center for Social Innovation
A-1150 Wien, Linke Wienzeile 246
Austria, Europe
Phone: ++43-1-495 04 42 - 61
Facsimile: ++43-1-495 04 42 - 40
http://www.zsi.at/
_______________________________________________
Owncloud mailing list
[email protected]
https://mail.kde.org/mailman/listinfo/owncloud
