12 Jul
2002
12 Jul
'02
08:53
i have just received what seems to be a script kiddie attempt to exploit a php vulnereability. ___ + Checking for vulnerable PHP version... + passed: server says PHP/4.0.6 + exploiting the bug now... [++++++++++] trying: bfffdf08 + done ... + you should be connected to a dup-shell now + if not simply try again command> ___ I am running php version 4.0.6 indeed, but completely up to date on every security update. Is it still possible for someone to exploit this? What should I do? Get the new version in php.net? TIA, __________________________ /"\ Francisco 'Paladino' Costa \ / ASCII Ribbon Campaign fgcosta@ccj.ufsc.br X Against HTML Mail / \