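Debian latest security update: php5 code injection

A flaw in a configuration variable allows remote attackers to crash PHP or potentially execute code.
Updating is recommended.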
Package        : php5 
Vulnerability  : code injection 
Problem type   : remote 
Debian-specific: no 
CVE ID         : CVE-2012-0830 
 
Stefan Esser discovered that the implementation of the max_input_vars 
configuration variable in a recent PHP security update was flawed such 
that it allows remote attackers to crash PHP or potentially execute 
code. 
 
This update adds packages for the oldstable distribution, which were 
missing from the original advisory. The problem has been fixed in 
version 5.2.6.dfsg.1-1+lenny16, installed into the security archive 
on 3 Feb 2012. 
 
For the stable distribution (squeeze), this problem has been fixed in 
version 5.3.3-7+squeeze7. 
 
For the unstable distribution (sid), this problem has been fixed in 
version 5.3.10-1. 
 
We recommend that you upgrade your php5 packages.