[Owncloud] centos 6.4 : php CVE-2006-7243 warning
dubiniuk at owncloud.com
Mon Sep 30 14:08:40 UTC 2013
On 09/30/2013 05:02 PM, Erwin Rennert wrote:
> Please don't jump to conclusions.
> It might very well be that centos patched the "old" PHP version a long
> time ago. I doubt the owncloud installation routine actually checks
> for the vulnerability.
Nevertheless it does
> It probably only checks for the PHP version number and certainly has
> no knowledge of any given distribution's patch history.
> BTW, CVE-2006-7243 is from 2006, not 2010.
> Kind regards,
> On 09/30/2013 03:25 PM, Adrian Sevcenco wrote:
>> Hi! i just installed the owncloud on an updated centos 6.4 and i have
>> this warning:
>> "Your PHP version is vulnerable to the NULL Byte attack (CVE-2006-7243)
>> Please update your PHP installation to use ownCloud securely."
>> given that the bug is from 2010 and i have an updated system, is the
>> warning valid?
>> Owncloud mailing list
>> Owncloud at kde.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owncloud