22 Dec
2004
22 Dec
'04
00:25
On Tue, 2004-12-21 at 16:43 -0500, Jim Clausing wrote:
Any idea when the PHP patches are going to be available. The Santy thing this morning only exploits phpBB, so if you're not running that you are okay for the moment, but exploit code for the unserialize() vuln has been around for at least 4 days, so I suspect someone will turn that into a worm pretty quick.
it seems to be the case already: http://beta.search.msn.com/results.aspx?q=NeverEverNoSanity&FORM=QBNO regards, Olivier -- _______________________________________________________ Olivier Müller - PGP key ID: 0x0E84D2EA - Switzerland E-Mail: http://omx.ch/mail/ - AIM/iChat: swix3k