[thelist] Multiple Vulnerabilities in PHP fileup - CERT advisory

stout at stoutstreet.com stout at stoutstreet.com
Thu Feb 28 09:35:01 CST 2002


My host provider, pair.com, has jumped on this very proactively. But be aware that this also affects mail as well. Any form with 'mulitpart/formdata', I believe. So disabling email attachments is a side-effect.
>Thought I'd pass along some info to you PHP folks that CERT dispatched
>yesterday. This is just a snippet, and you can read the whole thing and
>obtain more information from <http://www.cert.org/advisories/CA-2002-05.html>

-----------------------------------------
could use a job.......
http://www.iampms.com/



More information about the thelist mailing list