According to:
http://security.e-matters.de/advisories/012002.html
"Finally I want to mention that most of these vulnerabilities are
exploitable only on linux or solaris. But the heap off by one is only
exploitable on x86 architecture and the arbitrary heap overflow in PHP3 is
exploitable on most OS and architectures. (This includes *BSD) "
This means non-linux platforms are also affected. (Windows included)
-Rob Z.
-Original Message-
From: Julio Nobrega Trabalhando [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 4:13 PM
To: [EMAIL PROTECTED]
Subject: [PHP] Re: Did everybody see the security warning at php.net?
Yes :-)
http://www1.dshield.org/pipermail/vuln/2002-February/07.html
http://developers.slashdot.org/article.pl?sid=02/02/27/1845238&mode=thread&t
id=169
http://security.e-matters.de/advisories/012002.html
http://www.newsbytes.com/news/02/174818.html
Doesn't affect Windows, right?
--
Julio Nobrega.
Um dia eu chego lá:
http://sourceforge.net/projects/toca
Ajudei? Salvei? Que tal um presentinho?
http://www.submarino.com.br/wishlistclient.asp?wlid=664176742884
"Robert V. Zwink" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> http://www.php.net/
>
> [27-Feb-2002] Due to a security issue found in all versions of PHP
> (including 3.x and 4.x), a new version of PHP has been released. Details
> about the security issue are available here. All users of PHP are strongly
> encouraged to either upgrade to PHP 4.1.2, or install the patch (available
> for PHP 3.0.18, 4.0.6 and 4.1.0/4.1.1).
>
> http://security.e-matters.de/advisories/012002.html
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
