Re: PHP Attacks....

["Michael Mansour" <mic npgx com au>]

> On Wed, 2005-11-09 at 13:27 -0700, Michal Jaegermann wrote:
> > If I understand correctly that is really an XML_RPC vulnerability in
> > pear libraries; so if you do not have such capability, or it is not
> > turned on, then you are not vulnerable.  Of course there are some
> > applications which require that.  Do I miss something?
> 
> I don't think you're missing anything, however a lot of php-crap-apps
> use pear, so there is a good possibility that there are Legacy users
> that need patching.

Well, I for one am looking to get my FC1 and FC2 servers patched, so if FL can
get the patches in soon, I can test on production servers.

Michael.