2006/2/20 16:12
allnewtome
Not too shy to talk
Posts: 175
Since: 2005/11/30
Hi,Just to let you know that there's a bug been announced in PHPXMLRPC: http://www.theregister.co.uk/2006/02/20/linux_worm/http://www.gulftech.org/?node=research&article_id=00088-07022005The hole can be used to run arbitrary PHP code, so could be quite a securityrisk. I've done a quick scan - it looks like XOOPS has its own XML RPC bundledin it ( /home/xxxxxxxxx/public_html/xoops/xmlrpc.php ) that I assume isn'taffected. Just thought I'd give you a heads up so you can investigate if needed.Cheers,
2006/2/20 18:04
davidl2
XOOPS is my life!
Posts: 4843
Since: 2003/5/26
2006/2/20 20:16
davidl2 wrote:I believe this was dealt with a couple of updates ago - so make sure if you're running 2.0.x - you've updated to 2.0.13.2(see note below re-backups!)
2006/2/20 20:50
Herko
Posts: 4238
Since: 2002/2/4 1
allnewtome wrote:Thanks for the swift response. Does the same apply to 2.2.3?
2006/2/20 20:52
Advanced Search
414 user(s) are online (351 user(s) are browsing Support Forums)
Members: 0
Guests: 414