PHP 5.3.9 Critical Bug - Patch now

[m107]

This isn't good....
"remote code execution vulnerability. Thats right: An attacker could craft a request, that will execute code on a web server running PHP 5.3.9."

http://isc.sans.org/diary/Critical+P...+patched/12520

Further confirmed on PHP.net
http://www.php.net/archive/2012.php#id2012-02-02-1

[02-Feb-2012]
The PHP development team would like to announce the immediate availability of PHP 5.3.10. This release delivers a critical security fix.

Security Fixes in PHP 5.3.10:

Fixed arbitrary remote code execution vulnerability reported by Stefan Esser, CVE-2012-0830.

All users are strongly encouraged to upgrade to PHP 5.3.10.

Source: WHT

m107 Reviewed by m107 on 4th Feb 2012. PHP 5.3.9 Critical Bug - Patch now This isn't good.... "remote code execution vulnerability. Thats right: An attacker could craft a request, that will execute code on a web server running PHP 5.3.9." http://isc.sans.org/diary/Critical+PHP+bug+patched/12520 Further confirmed on PHP.net http://www.php.net/archive/2012.php#id2012-02-02-1 The PHP development team would like to announce the immediate availability of PHP 5.3.10. This release delivers a critical security fix. Rating: 5

[CuraHack]

THANKS !!!

[m107]

THANKS !!!

sure

[jpavsex]

Thank You

[KingOfDCP]

I get this message when using "php -v"

PHP 5.3.3 (cli) (built: Feb 2 2012 23:24:47)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies

So do I need to upgrade php version? Because I see the built Feb 2

[m107]

I get this message when using "php -v"



So do I need to upgrade php version? Because I see the built Feb 2

if you are using cpanel, simply update the cpanel

[Robert58757]