Date: Thu, 7 Mar 2002 09:46:40 +0200 From: "Toomas Aas" <toomas.aas@raad.tartu.ee> To: "Peter Brezny" <pbrezny@purplecat.net>, freebsd-questions@freebsd.org Subject: Re: getting hold of an older port version Message-ID: <200203070747.g277lRK21846@lv.raad.tartu.ee> In-Reply-To: <NEBBIGLHNDFEJMMIEGOOIEDHEJAA.pbrezny@purplecat.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Peter! On 6 Mar 02 at 13:38 you wrote: > Specifically mod_php4 using php 4.0.6 (yes I know it's vulnerable). The way I read the e-matters security advisory, PHP 4.0.6 *on FreeBSD* should be safe. Excrept from http://security.e-matters.de/advisories/012002.html: ----------------- cut here -------------------------------- PHP 4.0.6-4.0.7RC2 - broken boundary check (very easy to exploit) <snip> Finally I want to mention that the boundary check vulnerabilities are only exploitable on linux or solaris. ----------------- cut here -------------------------------- -- Toomas Aas | toomas.aas@raad.tartu.ee | http://www.raad.tartu.ee/~toomas/ * @dress: A garment worn by some people when emailing at home. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200203070747.g277lRK21846>