Blog Home  Home Feed your aggregator (RSS 2.0)  
SecureDeveloper.com - PHP 5.2.6 released - plugs a number of security holes.
Code is COMBAT !
 
Archive
<January 2009>
SunMonTueWedThuFriSat
28293031123
45678910
11121314151617
18192021222324
25262728293031
1234567
Navigation
Home
Links
Users
JoeStagner23
Total Posts23
Comments5
Categories
 
 
Blogroll
 Misfit Geek
Contact
Send mail to the author(s) Email Me

Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.

Sign In
 Tuesday, June 10, 2008
PHP 5.2.6 released - plugs a number of security holes. by JoeStagner

php_bugs

The PHP 5.2.6 release (download here) corrects at least four documented security flaws of varying severity

  • An unspecified error in the FastCGI SAPI can be exploited to cause a stack-based buffer overflow.
  • An unspecified error exists in processing incomplete multibyte characters within "escapeshellcmd()."
  • A security issue is caused due to an unspecified error. No further information is currently available.
  • An error in cURL can be exploited to bypass the "safe_mode" directive.
  • A boundary error in PCRE can potentially be exploited by malicious people to cause a DoS or compromise a vulnerable system.
    • Tuesday, June 10, 2008 2:46:21 AM (GMT Standard Time, UTC+00:00)  #    Comments [0]    |  Trackback
    All comments require the approval of the site owner before being displayed.
    Name
    E-mail
    Home page

    Comment (HTML not allowed)  

    Enter the code shown (prevents robots):
    Live Comment Preview
    Copyright © 2009 Joe Stagner. All rights reserved.