From owner-freebsd-security Wed Feb 27 8:44:29 2002 Delivered-To: freebsd-security@freebsd.org Received: from void.xpert.com (xpert.com [199.203.132.1]) by hub.freebsd.org (Postfix) with ESMTP id 6A5CD37B402; Wed, 27 Feb 2002 08:44:18 -0800 (PST) Received: from mailserv.xpert.com ([199.203.132.135]) by void.xpert.com with esmtp (Exim 3.22 #1) id 16g784-00045J-00; Wed, 27 Feb 2002 18:40:32 +0200 Received: by mailserv.xpert.com with Internet Mail Service (5.5.2650.21) id ; Wed, 27 Feb 2002 18:44:09 +0200 Message-ID: From: Yonatan Bokovza To: 'Laurence Brockman' , security@freebsd.org, ports@freebsd.org Subject: RE: HEADS UP: Security Alert For Apache / PHP Webservers Date: Wed, 27 Feb 2002 18:44:07 +0200 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > -----Original Message----- > From: Laurence Brockman [mailto:laurence@fluxinc.com] > Sent: Wednesday, February 27, 2002 17:53 > To: security@freebsd.org; isp@freebsd.org; ports@freebsd.org > Subject: Re: HEADS UP: Security Alert For Apache / PHP Webservers > > > Just another heads up as well. > > Lately on a lot of security lists there is a lot of > dis-information being > posted. On Security Focus lists there have even been > "exploits" posted that > in reality are trojans that will open up a root shell on > unsuspecting users. Only this seems real, as PHP released version 4.1.2 today, "Due to a security issue found in in all versions of PHP" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message