Probleme me PHP
PHP Group has reported a serious security problem in the CGI SAPI of PHP version 4.3.0., affecting all platforms.
PHP script language prevents direct access to the CGI(*) binary by configuring the "--enable-force-cgi-redirect" and "cgi.force_redirect" options. However, a technique has been discovered which could allow an attacker to access the CGI directly. This could allow an attacker to read files or even run code.
PHP Group has released a new version -4.3.1- of PHP, which fixes this vulnerability and recommends that all users who could be affected install to it.
More information from: http://www.php.net/release_4_3_1.php
(*) CGI (Common Gateway Interface) is a Web programming system.
--------------------
cheers
PHP Group has reported a serious security problem in the CGI SAPI of PHP version 4.3.0., affecting all platforms.
PHP script language prevents direct access to the CGI(*) binary by configuring the "--enable-force-cgi-redirect" and "cgi.force_redirect" options. However, a technique has been discovered which could allow an attacker to access the CGI directly. This could allow an attacker to read files or even run code.
PHP Group has released a new version -4.3.1- of PHP, which fixes this vulnerability and recommends that all users who could be affected install to it.
More information from: http://www.php.net/release_4_3_1.php
(*) CGI (Common Gateway Interface) is a Web programming system.
--------------------
cheers