Simple Machines > News and Updates

PHP security warning

<< < (2/5) > >>

Xuantia:
Thanks for the warning!

Arantor:

--- Quote from: Yoshi2889 on May 05, 2012, 05:49:58 PM ---Seems like Facebook may have some issues sooner or later..
Thanks for informing.

--- End quote ---

Or not seeing how they actually don't run standard PHP but compiled PHP and in fact going to a certain URL to attempt to exploit this will suggest you visit their hiring pages.

NanoSector:

--- Quote from: Arantor on May 05, 2012, 06:16:46 PM ---
--- Quote from: Yoshi2889 on May 05, 2012, 05:49:58 PM ---Seems like Facebook may have some issues sooner or later..
Thanks for informing.

--- End quote ---

Or not seeing how they actually don't run standard PHP but compiled PHP and in fact going to a certain URL to attempt to exploit this will suggest you visit their hiring pages.

--- End quote ---
Still, who knows what this exploit may do. I'm not an expert in PHP security, so what do I know..

SleePy:
Only those using CGI (not even fastcgi) are affected and it seems to mainly be pointed out on Apaches systems.  If its patched in cPanel, also that helps.  So the scope of the attack is small.  But that won't stop new bot scripts from trying something new now.

But its important for people to know incase they are vulnerable to this.

Norv:
Yoshi, I think Facebook were joking. (this time). Obviously these days sites have started to get hits for that query string.

Actually, we could do something too, Sleepy. ;)

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version