Technology news and Jobs arrow Information Technology News arrow Month of PHP Bugs underway
Month of PHP Bugs underway E-mail
by Stephen Withers   
Tuesday, 06 March 2007
Inspired by the Month of Browser Bugs and the Month of Apple Bugs, the Hardened-PHP Project has declared March the Month of PHP Bugs (MOPB) to draw attention to security vulnerabilities in the core PHP software.

PHP is widely used scripting language most commonly employed to create dynamic web pages.

"[O]ld and new security vulnerabilities in the Zend Engine, the PHP core and the PHP extensions will be disclosed on a day by day basis. We will also point out necessary changes in the current vulnerability managment process used by the PHP Security Response Team", the project team announced on its web site.

Unlike the previous 'Months' projects, MOPB does not limit itself to disclosing one bug per day and has already identified 11 vulnerabilities in the first five days.

The issues include string buffer overflows, inappropriate permissions and stack overflows, just as we saw in previous 'Months' projects. Some cause crashes or other denial-of-service conditions, while others permit privilege escalation and other problems. Proof of concept exploits are provided where appropriate.{moscomment}

Please enable JavaScript in your browser to post your comment!

Tags See All Tags


Malware  Open Source  Security  Software  Stephen Withers  Web 

Get stories like this delivered daily - FREE - subscribe now
 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
Suscribers		 904,266
13,751
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff
Subscribe to our free e-newsletter

iTWire and you

Contact , Register , Links , About iTWire , Feedback , Post your jobs , Events , iTWire site map , Start Blogging , MyBlogLog page , Advertise with iTWire