[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: PHP Attacks....

From: Jesse Keating <jkeating j2solutions net>
To: fedora-legacy-list redhat com
Subject: Re: PHP Attacks....
Date: Wed, 09 Nov 2005 12:38:42 -0800

On Wed, 2005-11-09 at 13:27 -0700, Michal Jaegermann wrote:
> If I understand correctly that is really an XML_RPC vulnerability in
> pear libraries; so if you do not have such capability, or it is not
> turned on, then you are not vulnerable.  Of course there are some
> applications which require that.  Do I miss something?

I don't think you're missing anything, however a lot of php-crap-apps
use pear, so there is a good possibility that there are Legacy users
that need patching.

-- 
Jesse Keating RHCE      (http://geek.j2solutions.net)
Fedora Legacy Team      (http://www.fedoralegacy.org)
GPG Public Key
(http://geek.j2solutions.net/jkeating.j2solutions.pub)

Was I helpful?  Let others know:
 http://svcs.affero.net/rm.php?r=jkeating

Follow-Ups:
- Re: PHP Attacks....
  - From: Michael Mansour

References:
- RE: PHP Attacks....
  - From: Matthew Nuzum
- Re: PHP Attacks....
  - From: Josep L. Guallar-Esteve
- Re: PHP Attacks....
  - From: Michal Jaegermann

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]