Re: twlc advisory: all versions of php nuke are vulnerable...

[Jessica Smith <crystalsinger () mail com>]

In-Reply-To: <000701c1452f$7f3fc670$8119fea9@supergate>


> Systems Affected
> all the versions ARE vulnerable
> except '5.0 RC1' (i wonder why a released c. is ok while the final 5.2 is
> bugged)

<snip>

> conclusions:
> yet another bug of php nuke... this software is used by thousands of
> people... (we run something based on it too) i hope that this time the
> author will reply soon and will release a patch too!

Just FYI, this was patched in PHPNuke 5.3, released way back in November 
2001 - perhaps SecurityFocus can update the attack description to reflect 
this so that people running later versions don't worry unnecessarily?


Jessica