PHP team fixes nasty site-owning remote execution bug

    Date29 Oct 2019
    765
    Posted ByBrittany Day
    LS Hmepg 337x500 20

    The PHP development team has fixed a bug that could allow remote code execution in some setups of the programming language. Get the details:

    The PHP development team has fixed a bug that could allow remote code execution in some setups of the programming language, possibly allowing attackers to take over any site running the code remotely.

    PHP is a common programming language used to run dynamic websites. It operates everything from online forums to ecommerce systems. The bug, found in version 7 of PHP, only affects instances running the PHP FastCGI Process Manager (PHP-FPM), which is an alternative implementation of a standard PHP module called FastCGI. It lets an interpreter outside the web server execute scripts. The process manager version includes some extra features to support high-volume websites.

    For the bug to work, the website must also be running the Nginx web server, which runs on around one in every three websites, according to W3techs.

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"66","type":"x","order":"1","pct":57.39,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":13.04,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"34","type":"x","order":"3","pct":29.57,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.