A serious bug in the popular PHP development language can leave databases wide open to intrusion if the proper security steps aren't taken.
The exploit, which affects php versions prior to 4.3.10 or 5.0.3, uses errors in the way that serialisation and realpath commands are handled to gain escalated privileges, bypass some security restrictions and compromise a vulnerable system. Many web administrators are suffering problems from hackers that have been quick to do what damage they can.
The solution to the exploit is to upgrade to the latest version of php - either 4.3.10 or 5.0.3, depending on which thread you are running. The 4.3.10 build also includes some 5.x bugfixes and features which have been ported backwards.
Hmm don't know anything about this but isn't this site based on PHP... :eek:
The Inquirer
The exploit, which affects php versions prior to 4.3.10 or 5.0.3, uses errors in the way that serialisation and realpath commands are handled to gain escalated privileges, bypass some security restrictions and compromise a vulnerable system. Many web administrators are suffering problems from hackers that have been quick to do what damage they can.
The solution to the exploit is to upgrade to the latest version of php - either 4.3.10 or 5.0.3, depending on which thread you are running. The 4.3.10 build also includes some 5.x bugfixes and features which have been ported backwards.
Hmm don't know anything about this but isn't this site based on PHP... :eek:
The Inquirer
