MDN

Go Back   Mambo - Forums Closed for posting > Other Forums > General Discussion
Reload this Page PEAR vulnerability!!

Reply
 
Thread Tools Search this Thread Display Modes
Old July 3rd, 2005, 14:07   #1
bigodines
 
bigodines's Avatar
 
Join Date: Jan 2004
Location: RS - Brazil
Posts: 873
bigodines is an unknown quantity at this point
Default PEAR vulnerability!!
Quote:
Originally Posted by php.net
PEAR XML_RPC Vulnerability and PHP 4.4.0RC2 release

[01-Jul-2005] An easily exploitable security issue was discovered in PEAR XML_RPC <= 1.3.0. We recommend that users of this PEAR class immediately upgrade to the latest version with:

pear upgrade XML_RPC

The same security problem exists in many other XML RPC implementations, please check if the installed applications that you use might have a similar problem.

The new PEAR XML_RPC package is also bundled with the second release candidation of PHP 4.4.0RC2. Besides this new PEAR package there are two minor issues fixed since PHP 4.4.0RC1. As the improved reference support in PHP 4.4 might show as notices and warnings in your existing applications - in cases where PHP formerly just silently ignored this and often causing memory corruptions - we also recommend to test PHP 4.4.0RC2 with your applications. The final release is planned for July 11th.
http://www.php.net/
bigodines is offline   Reply With Quote
Old July 5th, 2005, 17:56   #2
MasterChief
 
MasterChief's Avatar
 
Join Date: Oct 2003
Location: Australia
Posts: 1,036
MasterChief is on a distinguished road
Default
Fortunately we don't use that library.
__________________
Andrew Eddie
<><
Mambo Core Developer February 2003-August 2005
http://www.jamboworks.com ...
MasterChief is offline   Reply With Quote
Old July 6th, 2005, 05:33   #3
bigodines
 
bigodines's Avatar
 
Join Date: Jan 2004
Location: RS - Brazil
Posts: 873
bigodines is an unknown quantity at this point
Default
seems like drupal does
bigodines is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
DoS vulnerability in PHPMailer jfriesen Security & Performance 3 June 7th, 2005 07:53
Fixed x-site injection vulnerability related to PHP bug? Robin Security & Performance 1 March 12th, 2005 10:07
Trying to install Pear and DBQ alixir Installation Questions 1 March 11th, 2005 10:14
Mambo Vulnerability announcement zc0rn General Questions 1 February 11th, 2005 02:35
Seriuos vulnerability (SQL Injection) and XSS vulnerability. Roman.Kulish Security & Performance 25 April 5th, 2004 02:34


All times are GMT -7. The time now is 07:18.

Contact Us - Mambo - Archive - Top

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.