[Owncloud] centos 6.4 : php CVE-2006-7243 warning
Erwin Rennert
rennert at zsi.at
Mon Sep 30 14:02:55 UTC 2013
Please don't jump to conclusions.
It might very well be that centos patched the "old" PHP version a long
time ago. I doubt the owncloud installation routine actually checks for
the vulnerability. It probably only checks for the PHP version number
and certainly has no knowledge of any given distribution's patch history.
BTW, CVE-2006-7243 is from 2006, not 2010.
Kind regards,
E.R.
On 09/30/2013 03:25 PM, Adrian Sevcenco wrote:
> Hi! i just installed the owncloud on an updated centos 6.4 and i have
> this warning:
> "Your PHP version is vulnerable to the NULL Byte attack (CVE-2006-7243)
> Please update your PHP installation to use ownCloud securely."
>
> given that the bug is from 2010 and i have an updated system, is the
> warning valid?
>
> Thanks!
> Adrian
>
>
>
> _______________________________________________
> Owncloud mailing list
> Owncloud at kde.org
> https://mail.kde.org/mailman/listinfo/owncloud
>
>
> !DSPAM:52497c0f128225655088695!
>
--
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Erwin Rennert, IT Services
Center for Social Innovation
A-1150 Wien, Linke Wienzeile 246
Austria, Europe
Phone: ++43-1-495 04 42 - 61
Facsimile: ++43-1-495 04 42 - 40
http://www.zsi.at/
More information about the Owncloud
mailing list