PHP Exploit - GoFuckYourself.com

Phil21 · 07-22-2002, 10:18 AM

Didn't see another thread on this. Strange.

Anyways, guessing most hosting companies have allready upgraded (rght? comon now! ;) ) but those with dedicated servers that are unmanaged by your host will need to upgrade ASAP.

Essentially this is a remote code execution exploit, i.e. the bad one. This is has much more immediate potential than the Apache vulnerability about a month ago. UPGRADE IMMEDIATELY.

Effected versions are 4.2.x up until 4.2.2 (the bugfix release). Older versions may or may not be effected, there seems to be some disagreement about this. I would upgrade to be safe.

An interim fix would be to disable both .htaccess (to keep from overrriding apache config) and disabling HTTP POST requests if you have nothing that uses POST's.

As I speak, php.net is down. You can grab PHP 4.2.2 from our network or check out php.he.net (a mirror) for more info.

Good luck, figured you'd all want a heads up before all the kiddies get their hands on a publicly released exploit.

And, in closing... PHP is the fucking devil. I have no idea why the hell anyone would use this shit, but hey, we support it and such is life.

-Phil

foe · 07-22-2002, 10:22 AM

php.net is up

http://www.php.net/release_4_2_2.php

more detailed info

Phil21 · 07-22-2002, 10:24 AM

Ah, yep. Was quite a challenge early this morning trying to remember the mirror names when I was looking to get PHP.

Anyways, go to php.net directly for more info straight from the horses mouth.

peace,

-Phil

foe · 07-22-2002, 10:28 AM

Btw I dont know why you have php in the past I have known php to be much more secure than some other server side based languages.

AdultWire · 07-22-2002, 10:44 AM

There are many bug fixes for this bug, including patches for 4.0.6

Babaganoosh · 07-22-2002, 11:56 AM

Just got done upgrading my server at rackshack. Ran into some trouble but I got it going. If anyone is having trouble upgrading, hit me up. I have some free time this afternoon and would be glad to help you out.

07-22-2002, 10:18 AM	#1
Phil21 Confirmed User Join Date: May 2001 Location: ICQ: 25285313 Posts: 993	PHP Exploit Didn't see another thread on this. Strange. Anyways, guessing most hosting companies have allready upgraded (rght? comon now! ;) ) but those with dedicated servers that are unmanaged by your host will need to upgrade ASAP. Essentially this is a remote code execution exploit, i.e. the bad one. This is has much more immediate potential than the Apache vulnerability about a month ago. UPGRADE IMMEDIATELY. Effected versions are 4.2.x up until 4.2.2 (the bugfix release). Older versions may or may not be effected, there seems to be some disagreement about this. I would upgrade to be safe. An interim fix would be to disable both .htaccess (to keep from overrriding apache config) and disabling HTTP POST requests if you have nothing that uses POST's. As I speak, php.net is down. You can grab PHP 4.2.2 from our network or check out php.he.net (a mirror) for more info. Good luck, figured you'd all want a heads up before all the kiddies get their hands on a publicly released exploit. And, in closing... PHP is the fucking devil. I have no idea why the hell anyone would use this shit, but hey, we support it and such is life. -Phil Last edited by Phil21; 07-22-2002 at 10:19 AM..

07-22-2002, 10:22 AM	#2
foe Confirmed User Join Date: May 2002 Location: CT Posts: 5,246	php.net is up http://www.php.net/release_4_2_2.php more detailed info Last edited by foe; 07-22-2002 at 10:25 AM..

07-22-2002, 10:44 AM	#5
AdultWire Confirmed User Join Date: Feb 2002 Location: Toronto, ON Posts: 962	There are many bug fixes for this bug, including patches for 4.0.6 __________________ SIG TOO BIG! Maximum 120x60 button and no more than 3 text lines of DEFAULT SIZE and COLOR. Unless your sig is for a GFY top banner sponsor, then you may use a 624x80 instead of a 120x60.

07-22-2002, 11:56 AM	#6
Babaganoosh ♥♥♥ Likes Hugs ♥♥♥ Industry Role: Join Date: Nov 2001 Location: /home Posts: 15,841	Just got done upgrading my server at rackshack. Ran into some trouble but I got it going. If anyone is having trouble upgrading, hit me up. I have some free time this afternoon and would be glad to help you out. __________________ I like pie.

07-22-2002, 10:24 AM	#3
Phil21 Confirmed User Join Date: May 2001 Location: ICQ: 25285313 Posts: 993	Ah, yep. Was quite a challenge early this morning trying to remember the mirror names when I was looking to get PHP. Anyways, go to php.net directly for more info straight from the horses mouth. peace, -Phil

07-22-2002, 10:28 AM	#4
foe Confirmed User Join Date: May 2002 Location: CT Posts: 5,246	Btw I dont know why you have php in the past I have known php to be much more secure than some other server side based languages.