I didn’t bother mentioning the new PHP XML-RPC vulnerability to somebody yesterday, assuming they already knew. Alas, they got burned by it so I’m making it a point to mention these things in a widespread generic sense from now on.
As such: if you are running PHP content management systems like blogs, postnuke or anything that uses PEAR XML_RPC <= 1.3.0, you need to drop what you are doing, login as root, and run
pear upgrade XML_RPC
right now. See the PHP website for details.
4243C Dundas St. W, Suite 405
Etobicoke, ON M8X 1Y3
Phone: +1.855.321.EASY (3279)
Fax: +1.647.438.6227
support@easydns.com
Enter your email below to receive a concise, insightful weekly briefing and stay informed about cyberthreats and relevant tech happenings.
For the time being you do not have to be an easyDNS member to receive #AxisOfEasy, however when you subscribe we'll send you a $10 coupon in case you ever decide to try out one of our many web services.
Enter your email below to receive a concise, insightful weekly briefing and stay informed about cyberthreats and relevant tech happenings.
For the time being you do not have to be an easyDNS member to receive #AxisOfEasy, however when you subscribe we'll send you a $10 coupon in case you ever decide to try out one of our many web services.
"*" indicates required fields
Leave a Reply