PHP Attacks....
Michael Mansour
mic at npgx.com.au
Wed Nov 9 21:33:35 UTC 2005
> On Wed, 2005-11-09 at 13:27 -0700, Michal Jaegermann wrote:
> > If I understand correctly that is really an XML_RPC vulnerability in
> > pear libraries; so if you do not have such capability, or it is not
> > turned on, then you are not vulnerable. Of course there are some
> > applications which require that. Do I miss something?
>
> I don't think you're missing anything, however a lot of php-crap-apps
> use pear, so there is a good possibility that there are Legacy users
> that need patching.
Well, I for one am looking to get my FC1 and FC2 servers patched, so if FL can
get the patches in soon, I can test on production servers.
Michael.
More information about the fedora-legacy-list
mailing list