Exploit 1.4.19? Exploit 1.4.19?
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

Exploit 1.4.19?

Started by mahdi1234, January 29, 2009, 08:13:34 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

mahdi1234

January 29, 2009, 08:13:34 PM
How about this one, do dev know it?

http://www.milw0rm.com/exploits/7909

Joachim Müller

#1
January 29, 2009, 08:50:56 PM
Thanks for letting us know - that's a brand-new one. We'll look into this and come up with a resolution as soon as possible.

Abbas Ali

#2
January 30, 2009, 06:38:37 AM
I can confirm this exploit. Working for a fix.

The patch given by the reporter unsets all variables which were registered because of register_globals on. I think this is the correct way.
Chief Geek at Ranium Systems

Joachim Müller

#3
February 04, 2009, 11:33:52 AM
cpg1.4.20 has just been released, which takes care of the exploit. See corresponding announcement thread cpg1.4.20 Security release - upgrade mandatory!
Print
Go Up Pages1
User actions