Advertisement

Latest News

[ Windows | Linux | Apple ]

· System Builder Marathon, Q2 2013 and more
· Microsoft delivers biggest update to date to TypeScript
· Tiff/nss-pam-ldapd Updates for Debian
· Update for Windows 8/Server 2012
· Apple TV 5.4 beta adds iTunes Radio, Conference Room Display
· DSA 2710-1: xml-security-c security update
· Intel DZ87KLT-75K Kinsley Thunderbolt Motherboard Review
· Microsoft launches Surface RT discount for schools
· MacStadium to provide new Mac Pro hosting and colocation
· Netflix outside the USA - in Linux & with Tunlr

Upcoming News

· =?UTF-8?B?W0FmZmlsaWF0ZXMgTmV3c10gT0NaIFZlcnRleCAzLjIwIDI0MEdCIFNvbGlkIFM=?= =?UTF-8?B?dGF0ZSBEcml2ZSBSZXZpZXcgQCBBUEggIApOZXR3b3Jrcw==?
· Samsung EX2F Camera Review - A Low-Light Advanced Point-And-Shoot For Any Photographer
· NZXT Phantom 630 Ultra Tower
· An MTN News Flash - MEGATech Reviews: Wicked Audio EVAC Full-Size Headphones
· [security-announce] openSUSE-SU-2013:1042-1: critical: kernel: security and bugfix update
· [security-announce] openSUSE-SU-2013:1043-1: critical: kernel
· Fractal Design Arc Midi R2 Case Review
· Mad Catz Cyborg F.R.E.Q. 5 Gaming Headset @ Benchmark Reviews
· News: MSI's Z87-GD65 Gaming motherboard reviewed
· OCZ Vertex 450 256GB SSD Review @ Hardware Canucks

Linux Compatibility

· Dell Dimension 9100
· CL-CAM50001 UPC=3700284609322
· DFE 520 TX
· nVidia GeForce4 MX 440
· Gore: Ultimate Soldier
· SMC2802W V2 wi-fi 54Mbps PCI card
· Wireless modem router N300
· Dell P780
· ASUS A7V8X
· BricsCAD for Linux

New Forum Topics

· Building a new PC: how EXACTLY to install USB mouse?
by: joyask43
on: 2013-06-09 14:36
6 replies, 2671 views

· Packet CD
by: natalieksh5
on: 2013-06-06 14:19
4 replies, 3455 views

· THE SIMS 2 DIRECTX 9.0C ERROR MESSAGE!! HELP! URGENT!!
by: tandrask34
on: 2013-06-05 14:06
28 replies, 93199 views

· Hello
by: barryherne
on: 2013-06-05 13:09
0 replies, 185 views

· shutdown link ?
by: estirwent
on: 2013-05-11 17:46
18 replies, 6894 views

News Channels

· Drivers
· Guides
· Reviews
· Security
· Software
· Press Release
· Updates
· Interviews
· Linux
· General
· Debian
· Red Hat
· Slackware
· Gentoo
· Mandriva
· White Box
· SUSE
· GNOME
· KDE
· CentOS
· Ubuntu
· MEPIS
· Android

What's New

Login to see an overview of all news stories since your last visit.

Welcome to our website

To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.

Vulnerability in PHP versions 4.2.0 and 4.2.1

Posted by Philipp Esselbach on: 07/27/2002 11:02 AM [ Print | 0 comment(s) ]

The PHP Group has released PHP version 4.2.2 which fix a serious vulnerability in PHP versions 4.2.0 and 4.2.1

Description
PHP contains code for intelligently parsing the headers of HTTP POST requests. The code is used to differentiate between variables and files sent by the user agent in a "multipart/form-data" request. This parser has insufficient input checking, leading to the vulnerability.

The vulnerability is exploitable by anyone who can send HTTP POST requests to an affected web server. Both local and remote users, even from behind firewalls, may be able to gain privileged access.

Impact
Both local and remote users may exploit this vulnerability to compromise the web server and, under certain conditions, to gain privileged access. So far only the IA32 platform has been verified to be safe from the execution of arbitrary code. The vulnerability can still be used on IA32 to crash PHP and, in most cases, the web server.

Download

Related Threads

01/28/2005 12:20 AM: Is Linux just as vulnerable as Windows? (30) by clutch

All products mentioned are registered trademarks or trademarks of their respective owners.
© 2002-2013 Esselbach Internet Solutions - All Rights Reserved. Terms and privacy policy
Powered by Contentteller® Business Edition