Search
Membership
Login:
Membership:
- New Today: 0
- New Yesterday: 0
- Overall: 3242
- Latest: GoodNews
People Online:
- Guests: 234
- Total: 234
ATTENTION: Hotfix for OPN 2.2.3 http://www.openphpnuke.com/system/article/index.php?opnparams=CntdOAI3CmdWMFU1
Strictly speaking it's not a bug in OPN but a bug in PHP. This hotfix blocks intrusions via manipulated PHPSession variables.
Luckily an unpatched OPN 2.2.3 can withstand such attacks, but there may remain 'dead' processes on the webserver. The worst case at somehow weak webservers may be the whole webserver may be compromised.
We recommend to install this hotfix asap.
Find the hotfix here:
Zipfile
Tarfile
We guess other PHP scripts may be also concerned. So if you are using other PHP scripts and projects please watch there for security fixes and install them immediately.
Yours,
OPN-Team
Luckily an unpatched OPN 2.2.3 can withstand such attacks, but there may remain 'dead' processes on the webserver. The worst case at somehow weak webservers may be the whole webserver may be compromised.
We recommend to install this hotfix asap.
Find the hotfix here:
Zipfile
Tarfile
We guess other PHP scripts may be also concerned. So if you are using other PHP scripts and projects please watch there for security fixes and install them immediately.
Yours,
OPN-Team
Posted by manne on 2004-12-26 11:56:42 (42711 * reads)
Comments
The comments are owned by the poster. We are not responsible for their content.