also @ TechSpot: Check your bill: AT&T adds new 'administrative fee' to wireless bills

Major security hole in PHP

By Derek Sooman

On December 21, 2004, 3:07 PM

It looks like PHP has a nasty bug, and one that can cause some potentially wicked problems with unwanted database access. It’s been discovered that PHP versions prior to 4.3.10 or 5.0.3 have problems connected with the way that serialisation and realpath commands are handled to gain escalated privileges. The result is that many web administrators are suffering problems from hackers. Fortunately, the problem has now been fixed.

The solution to the exploit is to upgrade to the latest version of PHP - either 4.3.10 or 5.0.3, depending on which thread you are running. The 4.3.10 build also includes some 5.x bugfixes and features which have been ported backwards.

No tags on this story

Post a comment

Post a new comment

Social Login & Guest Posting TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.
TechSpot on:

Most Popular

Trending Featured
More Trending Topics

Featured on PC Games

Downloads and Drivers

Downloads   Drivers  

KiTTY 0.62.2.3

mIRC 7.32

Actual Bookmarks 1.2

World of Warcraft Patch 5.3.0

Funny Photo Maker 2.4.1

More Downloads

Latest Discussion

Need advice on router-buy 10 replies on Storage and Networking

Zotac gtx 660 fan problem 6 replies on Audio and Video

Overclocking i7-3770k, question about speedfan 7 replies on Overclocking, Cooling and Modding

Upgrading my computer 8 replies on Processors and Motherboards

What game first got you hooked on gaming? 176 replies on Gaming

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.