Some flaws were discovered in PHP that could allow an attacker to execute arbitrary code on the victim's system.

The bugs are reported to be very easy to exploit in version 4.0.6 which most of us have installed from the pkg avalaible at http://pkg.nl.cobalt.com

One way to workaround these bugs is to disable the fileupload support in PHP. It can be done adding the following line to php.ini

file_uploads = Off

The advisory can be read here: http://security.e-matters.de/advisories/012002.html

I forgot that after modifying php.ini the web server must be restarted.

/etc/rc.d/init.d/httpd restart

mzz,

I have 3 dirs with some sort of php.ini :


/home/sites/home/users/admin/php-4.0.4pl1/php.ini-dist
/home/sites/home/users/admin/php-4.0.4pl1/php.ini-optimized
/home/sites/home/users/admin/php-4.0.4pl1/pear/tests/php.ini


Wich one do i need to edit ?

Nevermind, i edited the first two, the third was emtpy :)

To find out the configuration file path create a php file in your web path with the following line

<? phpinfo() ?>

and then recall it from a web browser

you'll find the location of your php.ini in the "Configuration File (php.ini) Path" section.

Mine is located in /etc/httpd/php.ini

The server is a raq4 with the the php4.0.6 pkg from http://pkg.nl.cobalt.com

There's also another php.ini for the admin server located in /etc/admserv/php.ini

The fact that you have those directories suggests that those directories contain the php source. The location of the php.ini for the pkg.nl.cobalt.com is /etc/httpd/php.ini
However, if you installed the php from source, you would have chosen where php was to look for the php.ini . Follow ellebi's instructions to find out that path. If you dont find a php.ini there you should do:

cp /home/sites/home/users/admin/php-4.0.4pl1/php.ini-optimized (path found)/php.ini

You can then edit that php.ini