php flaw

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Patches slapped on serious PHP flaws

Patches slapped on serious PHP flawsI watch with interestRead about it here :http://www.ciac.org/ciac/bulletins/p-067.shtml"PHP Development Team would like to announce the immediate release of PHP 4.3.10. This is a maintenance release that in addition to over 30 non-critical bug fixes addresses several very serious security issues. These include the following: CAN-2004-1018...

Tags: Scripting languages, Patches, SECURITY, PHP, PHP flaw, WordPad, flaw, patch management

Discussion threads 2004-12-17

Additional Resources

Stallman admits GPL flawed, proprietary licensing needed to pay for MySQL development

You really believe that?Look at Red Hat. $5.1 Bln market cap and they're not making *any* money with free software? There is plenty of money out there for consulting services and support. Just ask IBM.Proprietary software is not religion.The problem with Sun was that they couldn't commit either...

Tags: OPEN SOURCE, Databases, Websters, MySQL, GPL, Stallman

Discussion threads 2009-10-22

News to know: Intel's IDF; Google; Microsoft; Yahoo

Here are today’s notable headlines. You can get News To Know via email alert and RSS daily. For continuous updates see BNET’s around-the-Web tech coverage. Ryan Naraine: Critical iTunes flaw exposes Mac, Windows to hacker attacks Sam Diaz: Otellini at...

Tags: Google Inc., Yahoo! Inc., Microsoft Corp., Intel Corp., Cloud Computing, Data Centers, E-mail Providers, Microsoft Windows, Smart Phones, Corporate Communications, Linux, Storage, Hardware, Data Management, Internet, Operating Systems, Software, Consumer Electronics, Personal Technology, Marketing, Larry Dignan

Blog posts 2009-09-23

Password-reset flaw haunts WordPress admins

Open source and PHP at its worstI cannot fathom the design decisions that went into PHP. Maybe that's because there weren't any. That "language" I use that term in the broadest sense here is accident upon accident, quirk upon quirk, patch upon patch. PHP is a complete mess without a...

Tags: Scripting languages, PHP, Wordpress

Discussion threads 2009-08-11

Mozilla, Google plug high-risk browser holes

Mozilla, Google plug high-risk browser holesReady before Tuesday, as I suspected.Downloaded and installed - no problems so far.there's another unpatched critical flaw in Firefox 3.5.1http://www.milw0rm.com/exploit.php?id=9158The Only Plugin You'll Ever Need: NoscriptGo get it here[b]This talkback brought to you by Mozilla Firefox 3.5[/b]The safest internet browser on the planet!Avoid Microsoft Internet...

Tags: Web browsers, NOW IT, noscript, Mozilla Firefox, Web browser, high-risk browser hole, browser hole, Mozilla Corp., Novell AppArmor, Microsoft Internet Explorer, plug-in, ActiveX, NoScript, Google Inc.

Discussion threads 2009-07-17

Google's Chrome OS: A threat to Intel and the rise of ARM chips

Google's Chrome OS: A threat to Intel and the rise of ARM chipsBut does it run Flash?I figured I would chime in since people feel that it is the OS writers issue to provide Flash compatibility - witness all the users griping about lack of FLASH in the Iphone, Android...

Tags: Operating systems, gmail, ARM, Google Inc., operating system, Intel Corp., Google Chrome OS, Google Chrome, chip

Discussion threads 2009-07-09

Apple Patch Day: 67 Mac OS X, Safari vulnerabilities

On the same day Microsoft shipped a bundle of patches for gaping holes in its PowerPoint software, Apple followed suit, dropping a monster Mac OS X update to correct 67 security vulnerabilities. The sudden Apple Patch Day also included a patch to cover a trio of flaws...

Tags: Apple Macintosh, Apple Safari, Vulnerability, Apple Inc., Arbitrary Code Execution, Apple Mac OS X, Apple Mac OS, Operating Systems, Security, Software, Ryan Naraine

Blog posts 2009-05-12

Twitter hit by multiple variants of XSS worm

During the weekend and early Monday, at least four separate variants of the original StalkDaily.com XSS worm hit the popular micro-blogging site Twitter,  automatically hijacking accounts and advertising the author's web site by posting tweets on behalf of the account holders, by exploiting cross site scripting flaws at the site....

Tags: Flaw, XSS, Worm, Twitter, www.StalkDaily.com, Mikeyy XSS, Cyberthreats, Viruses And Worms, Security, Dancho Danchev

Blog posts 2009-04-14

GPL's cloudy future

One of the things about getting older is that you learn to ignore things until you have to do something about them. It's a learned efficiency, I suppose, rationing your increasingly precious time out to the unceasing demands upon it. I finally realized I have to do some serious thinking...

Tags: Software, GPL, Cloud Computing, Free Software Foundation, BSD, Free Software, Affero GPL, AGPL, Open Source, Jeremy Allison

Blog posts 2009-04-07

One-year-old (unpatched) Windows 'token kidnapping' under attack

One-year-old unpatched Windows 'token kidnapping' under attackMS should patch this but you do your readers a disservice by not mentioningMS should patch this but you do your readers a disservice by not mentioning that this requires IIS to be installed on the machine. Since the default install of Windows does...

Tags: cloud computing, SECURITY, Microsoft Windows, NonZealot, Microsoft IIS Server, Microsoft Corp., BAD MS, vulnerability, escalation flaw, Web application, desktop user, attack

Discussion threads 2009-03-16

PHP plugs security holes

The open-source PHP Group has issued a patch for at least four security flaws in the widely-used general-purpose scripting language. With PHP 5.2.9 see changeLog, the PHP development team corrects a total of 50 bugs, including a publicly-known flaw that allows attackers to read the contents of...

Tags: Security, PHP, Scripting Languages, Software/Web Development, Web Development, Ryan Naraine

Blog posts 2009-02-27

Apple announces Safari 4 browser public beta;

Apple announces Safari 4 browser public beta; at least Apple didn't snivel to the EUMost Apple software on PC's sucks. But since Mozilla sniveled to the EU I'd consider putting Safari on Windows, maybe although IE 8 is fine. Good for Apple[i]A new Windows-native look in Safari for Windows, that...

Tags: Operating systems, Web browsers, Web browser, Apple Inc., Apple Safari, Microsoft Windows, Chrome, public beta

Discussion threads 2009-02-24

To Linux or not to Linux?

To Linux or not to Linux?A safe choiceAnd, more importantly, a good choice for your users' needs. Which they will agree with soon enough.Ubuntu for the kidsIncreasingly open source free software is making in roads in the schools. Not just because it's free but because it works. In my child's...

Tags: UNIX, Operating systems, OPEN SOURCE, tiebreaker, Remember IT, Linux

Discussion threads 2009-02-19

Microsoft

MicrosoftDamned if you do...Damned if you don't ntWow. Vista is too secure and in-your-face. So Microsoft changes UAC in response to the mountain of user feedback so you can tweak it in Windows 7 and now it's not secure enough.Mind boggling stupidity when it comes to 'default' settingsevery version of...

Tags: Microsoft Windows, Construction, UAC, Microsoft Windows 7, advertisement, Microsoft Corp.

Discussion threads 2009-02-04

Google plugs ‘high-risk’ holes in Chrome browser

Google plugs ‘high-risk’ holes in Chrome browserBig Brother (spy-eye) is monitoring you.....With the Google desktop search, google tool bar, google toilet paper you are covered from head to toe monitoring!Plus, ALL of the private data is being scanned and sheep follow it because it is so cool.I use a scrapper...

Tags: E-mail, Social Security, Benefits, Web browser, Google Inc.

Discussion threads 2009-01-29

An easy fix ignored

An easy fix ignoredWhich points out the other obvious flaw...Who identified these CA's as being trustworthy in the first place? No one. They are self-appointed holders of our trust.This was the major criticism of the certificate process in the first place, and the fact that they continue to...

Tags: Web browsers, SSL/TLS, Network security, Computer Associates International Inc., MD5, easy fix

Discussion threads 2008-12-30

Latest twist in Apple vs. Psystar

Latest twist in Apple vs. PsystarPretty funny"..APPLE intentionally embeds code in the Mac OS that causes the Mac OS to malfunction on any computer hardware system that is not an Apple-Labeled Computer Hardware System.."Talk about arrogance. Apple, selling Apple hardware, should concern itself with its software running on other platforms...

Tags: Operating systems, Apple Mac OS, Apple Inc., Psystar, operating system, hardware

Discussion threads 2008-12-10

Hackers exploiting (unpatched) IE 7 flaw to launch drive-by attacks

Hackers exploiting unpatched IE 7 flaw to launch drive-by attacksCmon Loverock, Comment On This One!That's right, you selectively avoid stories like this. If it's anti-Linux, you pounce right on it.IE7 is a joke.So this doesn't affect XP SP3 or Vista?[i]The Web attacks, first reported by Bob McMillan, takes aim...

Tags: Web browsers, Microsoft Windows Vista (Longhorn), Microsoft Windows XP Service Pack 2, SECURITY, Microsoft Internet Explorer 7, Microsoft Internet Explorer, Microsoft Windows Vista, Microsoft Windows, exploit, Microsoft Windows XP

Discussion threads 2008-12-09

Black market for zero day vulnerabilities still thriving

One would assume that popular sources for zero day vulnerabilities+Poc's such as Full-Disclosure, Bugtraq or Milw0rm are the primary sources for obtaining responsibly or irresponsibly released flaws. They'd be wrong. The black market for zero day vulnerabilities and the concept of over-the-counter OTC trade of zero day flaws, has been...

Tags: Web, Vulnerability, Web Application, SQL Injection, Exploit, Day Vulnerability, E-shop, Security, Dancho Danchev

Blog posts 2008-11-02

Moixa Energy USBCell AA NiMH batteries

Moixa Energy USBCell AA batteries are practical for an on-the-go gadget addict. These attractive, compact batteries resemble other nickel metal hydride AAs, except for a bright green cap covering the USB plug. Instead of tossing them in the trash or nestling them into a recharging unit when out of juice,...

Tags: Engineering, Call2Recycle, Moixa, Moixa Energy, battery, USBCell, USBCell battery

Product reviews 2008-10-08