Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [VulnDiscuss] Php RFC1867 Upload Vuln. POC Released
From: Florian Weimer (fwdeneb.enyo.de)
Date: Thu Sep 30 2004 - 05:43:57 CDT
* Stefano Di Paola:
> Php 4.3.9 and 5.0.2 have been released with the patch for this
> vulnerability, so I've decided to release the POC for this vuln.
Secunia reports that this is PHP issue #28456, which has been fixed in
PHP 4.3.7. Can you confirm whether these defects are distinct or the
same? The other issue in the 4.3.9 announcement is called "GPC input
processing fixes", and it seems to be somewhat critical, too.
Is anybody aware of minimal patches relative to PHP 4.3.8 (or earlier