Vulnerability?
mottie
Joined: 2002-08-20
Posts: 19 |
Posted: Fri, 2004-12-17 17:54 |
On slashdot today.. is gallery vulnerable? I am going to upgrade regardless, as I have a phpBB2 forum installed.. http://www.hardened-php.net/advisories/012004.txt The Hardened-PHP Project has announced several serious and according to them, easy-to-exploit vulnerabilities within PHP. A flaw within the function unserialize() is rated as very critical for millions of PHP servers, because it is exposed to remote attackers through lots of very popular webapplications. The list includes forum software like phpBB2 |
|
Posts: 2322
Since they don't include examples of what could trigger the error, it's very difficult to say with 100% certainty, but in my understanding of the bug, I don't believe that Gallery is vulnerable.
The only data that Gallery serializes is the album/photo and userdb information.