Cert unveils serious PHP hole

Backdoor to the server...

By Pia Heikkila on 1 March 2002 12:25

NEWS Researchers have found a serious vulnerability in server scripting software PHP. The open source scripting language could let hackers run random code or even crash the server, according to US-based security research laboratory Cert. Cert said the latest version, PHP4, is vulnerable but also an older version, PHP3 is at risk. Cert warned: "PHP can be installed on a variety of web servers, including Apache, IIS, Caudium, Netscape and iPlanet, OmniHTTPd and others. "Vulnerabilities in the php_mime_split function may allow an intruder to execute arbitrary code with the privileges of the web server." For more information, see
http://security.e-matters.de/advisories/012002.html

Post your comment

In order to post a comment you need to be registered and logged in.

You can also log in with Facebook. Log in or create your silicon.com account below

* Your email:

Will not be displayed with your comment

* Choose a username:

* Choose a password:

* Retype password:

* Captcha:

Newsletters:

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy.

Questions about membership? Find the answers in the Membership FAQ

Get silicon.com's daily newsletter

Enter your email to register

Featured white papers

Why is encryption important?

Symantec.cloud

Data protection has become a hot topic, but where is the real threat and what can you do to protect your business? How...

Download now »
CIO challenges: Bringing your iPad to work

Aruba Networks

The arrival of personal technology in the office is a challenge for all organisations. The technology is here, but not...

Download now »
2012 Olympics: Is your business prepared?

Symantec.cloud

Athletes prepare for all kinds of conditions and problems in competition. With the London-hosted Olympics fast...

Download now »

Keep in touch with silicon.com

Connect with silicon.com on Facebook

Discuss the news of the day with the silicon.com team
Follow silicon.com on Twitter

Get regular updates from the silicon.com editors
Join the silicon.com LinkedIn networking group

Network with your peers and share expertise

Latest jobs

Managing Director - NBA3045

Managing Director – Cash and Transit Salary: £95K - £140K Basic, Bonus, Pension Scheme, Family...

Apply now
Managing Director - NBA3045

Managing Director – Cash and Transit Salary: £95K - £140K Basic, Bonus, Pension Scheme, Family...

Apply now
Managing Director - NBA3045

Managing Director – Cash and Transit Salary: £95K - £140K Basic, Bonus, Pension Scheme, Family...

Apply now

silicon.com newsletters

Stay up to date with silicon.com newsletters

Keep up with the latest news and analysis from silicon.com with our free email newsletters

Cert unveils serious PHP hole

Post your comment

Get silicon.com's daily newsletter

Enter your email to register

Featured white papers

Why is encryption important?

CIO challenges: Bringing your iPad to work

2012 Olympics: Is your business prepared?

Popular Security stories

Keep in touch with silicon.com

Connect with silicon.com on Facebook

Follow silicon.com on Twitter

Join the silicon.com LinkedIn networking group

Latest jobs

Managing Director - NBA3045

Managing Director - NBA3045

Managing Director - NBA3045

silicon.com newsletters

Stay up to date with silicon.com newsletters

Big data: Cheat Sheet

Photos: ZTE Tania Windows Phone heading for UK

Photos: Hockney's iPad art - Why IT pros must see artist's stroke of genius

CIO50 2011: Who is this year's top CIO?

10 must-read silicon.com Cheat Sheets

SOPA: Cheat Sheet

Home

Subscribe

About Us

Management

Technology

Special Features

Member Services

Resources

Cert unveils serious PHP hole

Recommended by silicon.com

Post your comment

Get silicon.com's daily newsletter

Enter your email to register

Featured white papers

Popular Security stories

Keep in touch with silicon.com

Latest jobs

silicon.com newsletters

Subscribe

About Us