PDA

View Full Version : PHP Security Flaw


vB.Org System
07 Jan 2011, 16:10
It has come to our attention that there is a flaw in PHP that can cause the server to hang on on systems using x87 FPU registers.

As per php.net (http://php.net/):

Quote:
The problem is known to only affect x86 32-bit PHP processes, regardless of whether the system hosting PHP is 32-bit or 64-bit. You can test whether your system is affected by running this script (http://php.net/distributions/test_bug53632.txt) from the command line.

Here is the relevant bug report: http://bugs.php.net/bug.php?id=53632

To test your server, copy the contents of that script to a file, such as phpcheck.php. Then upload that file to your server and run it from the command line like this:

php phpcheck.php

If the script hangs or produces an error, then you should upgrade PHP on this server immediately. If you do not have root access, then ask your host.

Please note that this is not a flaw in vB or any PHP application This is an issue with PHP itself.


More... (http://www.vbulletin.com/forum/showthread.php/370600-PHP-Security-Flaw?goto=newpost)