Apache dhe PHP problems...
Ne kete teme do sjell vunerabilities qe Apache ose Php ka, ne menyre qe ata qe perdorin apache server ose php te marrin masat e duhura.
Nuk po e hap kete teme per te bere lufte se kush eshte me i/e mire php, asp.... apo Apache, IIS... por thjesht per te perfituar.
=====================================
Securitytracker has reported -at
http://www.securitytracker.com/alerts/2002/Dec/1005863.html - that versions of PHP later than 4.1.2 -except for 4.3.0- are affected by a buffer overflow vulnerability.
The vulnerability lies in the Wordwrap() function, which automatically alligns text. An attacker could remotely exploit this vulnerability in order to cause the web server to crash. To do this, the malicious user would
need to insert text in an application that uses the Wordwrap() function.
According to Securitytracker, this vulnerability could also be exploited to run arbitrary code, although this type of attack is theoritically more complicated.
Version 4.3.0, which has been released to fix this vulnerability, is available at: http://www.php.net/downloads.php
===========================================
Cheers,
mySteRioUs
Ne kete teme do sjell vunerabilities qe Apache ose Php ka, ne menyre qe ata qe perdorin apache server ose php te marrin masat e duhura.
Nuk po e hap kete teme per te bere lufte se kush eshte me i/e mire php, asp.... apo Apache, IIS... por thjesht per te perfituar.
=====================================
Securitytracker has reported -at
http://www.securitytracker.com/alerts/2002/Dec/1005863.html - that versions of PHP later than 4.1.2 -except for 4.3.0- are affected by a buffer overflow vulnerability.
The vulnerability lies in the Wordwrap() function, which automatically alligns text. An attacker could remotely exploit this vulnerability in order to cause the web server to crash. To do this, the malicious user would
need to insert text in an application that uses the Wordwrap() function.
According to Securitytracker, this vulnerability could also be exploited to run arbitrary code, although this type of attack is theoritically more complicated.
Version 4.3.0, which has been released to fix this vulnerability, is available at: http://www.php.net/downloads.php
===========================================
Cheers,
mySteRioUs