PHP vulnerabilities! VERY IMPORTANT

texanpenguin

texanpenguin

Registered Penguin
I just became aware of severe security flaws in PHP that have been responsible for many phpBB online bulletin boards getting attacked.

Hardened-PHP seems to have discovered the flaws, and you can find out about them there and at phpbb.com

Update all your PHP, folks.

...and MacOSX.com too.
 
If you don't know what PHP is, you don't have to worry. PHP is a language geared towards generating dynamic web-content. PHPBB is a Bulletin Board system very similar to the one used for this site, and extremely popular for web forums. The vulnerabilities in PHPBB are being exploited by a worm known as "Santy". The impact of the Santy worm is that it will deface unpatched PHPBB web forums. Thankfully, the outbreak seems to be under control now.

Full details of the worm "Santy" are available here: http://www.f-secure.com/weblog/
 
Yeah, sorry for the wording; PHP concerns few people, in the consumer market especially :p.

But I heard that it's never "Under control" until you update PHP to fix the flaw. Especially relating to the unserialize function.
 
You must log in or register to reply here.
Back
Top