Text only | Text with Images

IDNetters Forums

Technical News & Discussion => IDNet Help => Topic started by: Rik on Jan 07, 2011, 10:30:12

Title: During the forum shut down today
Post by: Rik on Jan 07, 2011, 10:30:12
We'll be around to try and help with connection issues in the Broadband, Networking, PC Security, Internet & ISPs board on PC Pals.

http://www.pc-pals.com/smf/index.php
Title: Re: During the forum shut down today
Post by: Simon on Jan 07, 2011, 11:12:45
We must try think of a more succinct name for that board!  ;D
Title: Re: During the forum shut down today
Post by: DorsetBoy on Jan 07, 2011, 11:32:21
STOP RIGHT THERE !!  

Something to get sorted BEFORE any update is made :

QuoteAn extremely serious security flaw has been discovered in PHP, requiring that all affected servers be updated as a matter of urgency.

The flaw allows a remote webserver running an affected version of PHP to be crashed using nothing more than a URL request.

If you are running a 64 bit version of PHP you are unaffected, but if you are running in 32 bit mode, or you are not sure, now would be a good time to drop everything and make sure that your server is not vulnerable, by installing the latest version of PHP either from php.net, or from your own webserver vendor. Zend Server has a hotfix available already.

Due to the massive impact of the flaw and the trivial way in which it can be exploited, news of this bug will spread rapidly so speed is of the essence in getting your server patched.


http://www.php.net/distributions/test_bug53632.txt   PHP script to test vulnerability



http://bugs.php.net/bug.php?id=53632    Bug report detailing the flaw
Title: Re: During the forum shut down today
Post by: Simon on Jan 07, 2011, 12:41:00
Ummm....
Title: Re: During the forum shut down today
Post by: Rik on Jan 07, 2011, 12:54:18
The server we run on is 64-bit and, therefore, unaffected.
Title: Re: During the forum shut down today
Post by: DorsetBoy on Jan 07, 2011, 12:56:19
Quote from: Rik on Jan 07, 2011, 12:54:18
The server we run on is 64-bit and, therefore, unaffected.

you are still be vulnerable if you are running x64 but have an x86 version of PHP  .

It works too, I have tried it out.
Title: Re: During the forum shut down today
Post by: Rik on Jan 07, 2011, 13:04:54
I'm told we're running 64-bit PHP, Dorset.
Title: Re: During the forum shut down today
Post by: Steve on Jan 07, 2011, 13:10:43
We are posh. ;D
Title: Re: During the forum shut down today
Post by: Glenn on Jan 07, 2011, 13:11:52
I don't live in Portsmouth.
Title: Re: During the forum shut down today
Post by: Steve on Jan 07, 2011, 13:12:30
Neither would I. :whistle:
Title: Re: During the forum shut down today
Post by: Rik on Jan 07, 2011, 13:12:38
Simon's the nearest...
Title: Re: During the forum shut down today
Post by: Simon on Jan 07, 2011, 13:13:55
Gary is  nearer.  :)
Title: Re: During the forum shut down today
Post by: Rik on Jan 07, 2011, 13:20:22
Simon's almost the nearest. ;D
Title: Re: During the forum shut down today
Post by: DorsetBoy on Jan 07, 2011, 13:22:36
Quote from: Rik on Jan 07, 2011, 13:04:54
I'm told we're running 64-bit PHP, Dorset.

That is what needed checking, the exploit is ridiculously simple, just add 33 characters to a post and the results ,well.........  :red:
Title: Re: During the forum shut down today
Post by: Rik on Jan 07, 2011, 13:24:19
I think we've had quite enough excitement for one week. :)
Title: Re: During the forum shut down today
Post by: esh on Jan 08, 2011, 12:11:04
PHP is a bit of an embarrassment at times really. Shame there's nothing quite so convenient/flexible out there for quick web apps.
Title: Re: During the forum shut down today
Post by: Gary on Jan 08, 2011, 23:47:50
Quote from: Simon on Jan 07, 2011, 13:13:55
Gary is  nearer.  :)
I don't want to go there, even if it is close
Text only | Text with Images