[Quote] PHP 4.2.2 is out: “The PHP Group has learned of a serious security vulnerability in PHP versions 4.2.0 and 4.2.1. An intruder may be able to execute arbitrary code with the privileges of the web server. This vulnerability may be exploited to compromise the web server and, under certain conditions, to gain privileged access.
I saw this on CNET first – but thier xml feed hasn’t added it yet.
Just trying to help get the word out.
Edited on Jul 22nd 2002, 19:16 by Hooloovoo
One thought on “Jul 22nd 2002, 19:15 GMT”
Ooops. Thanks for the heads-up. It wasn’t too long ago they had a similar problem with a vulnerability in session management, going back to 3.x as well. Ah well, it’s still less holes than the Microsoft Security Bulletin, from which I received on average three vulnerability alerts a month for IIS and SQL Server…