[lug] php file upload vulnerability
Sexton, George
gsexton at mhsoftware.com
Thu Jul 4 10:42:21 MDT 2002
The vulnerability was fixed. Horde/IMP will need file upload enabled to
allow attachments.
-----Original Message-----
From: lug-admin at lug.boulder.co.us [mailto:lug-admin at lug.boulder.co.us]On
Behalf Of Hugh Brown
Sent: 03 July, 2002 7:16 PM
To: LUG
Subject: [lug] php file upload vulnerability
I was looking at installing some web applications that rely on php
(horde/imp, gallery). I remember seeing that there was a problem with
file upload and that a workaround was to turn the ability to do file
uploads off in php.ini.
I want to install via rpm if possible because of its ease of upgrade.
Are the rpms for redhat just a patch that turns off file upload are is
the problem fixed. I will need to turn on the file upload so that I can
let people upload photos for gallery (I'm not sure what horde/imp's
needs are in that regard).
Hugh
_______________________________________________
Web Page: http://lug.boulder.co.us
Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
More information about the LUG
mailing list