Hi,

Just to let you know that there's a bug been announced in PHPXMLRPC:

http://www.theregister.co.uk/2006/02/20/linux_worm/
http://www.gulftech.org/?node=research&article_id=00088-07022005

The hole can be used to run arbitrary PHP code, so could be quite a security
risk. I've done a quick scan - it looks like XOOPS has its own XML RPC bundled
in it ( /home/xxxxxxxxx/public_html/xoops/xmlrpc.php ) that I assume isn't
affected. Just thought I'd give you a heads up so you can investigate if needed.

Cheers,

davidl2 wrote:
I believe this was dealt with a couple of updates ago - so make sure if you're running 2.0.x - you've updated to 2.0.13.2

(see note below re-backups!)

allnewtome wrote:
Thanks for the swift response. Does the same apply to 2.2.3?