Threat Level: Infocon green

Diaries by Keyword: weblogs php

DateAuthorTitle

WEBLOGS PHP

2008-08-19Johannes UllrichA morning stroll through my web logs

WEBLOGS

2011-05-17Johannes UllrichA Couple Days of Logs: Looking for the Russian Business Network
2010-01-20Johannes UllrichWeathering the Storm Part 1: An analysis of our SANS ISC weblogs http://appsecstreetfighter.com
2009-10-26Johannes UllrichWeb honeypot Update
2008-08-19Johannes UllrichA morning stroll through my web logs

PHP

2013-02-22Chris MohanPHP 5.4.12 and PHP 5.3.22 released http://www.php.net/ChangeLog-5.php
2013-01-17Russ McReePHP 5.4.11 and PHP 5.3.21 released
2012-09-19Russ McReeScript kiddie scavenging with Shellbot.S
2012-06-14Johannes UllrichPHP 5.4.4 and 5.3.14 released with fixes for DES crypt issue and phar heap overflow
2012-05-08Kevin ListonPHP 5.4.3 and PHP 5.3.13 Released
2012-04-05Johannes UllrichEvil hides everywhere: Web Application Exploits in Headers
2012-03-07Johannes UllrichWhat happened to RFI attacks?
2012-02-07Johannes UllrichSecure E-Mail Access
2012-02-03Guy BruneauPHP 5.3.10 Released, Fixes CVE-2012-0830 available for download http://www.php.net/archive/2012.php#id2012-02-02-1
2012-02-03Johannes UllrichCritical PHP bug patched
2012-01-16Kevin Shorttphp 5.3.9 released -Jan-10-2011
2012-01-12Rob VandenBrinkPHP 5.39 was release on the 10th, amongst other things, it addresses CVE-2011-4885 (prevents attacks based on hash collisions) and CVE-2011-4566 (integer overflow when parsing invalid exif header)
2011-08-22Jim ClausingDO NOT upgrade to PHP 5.3.7, significant bug in crypt() function, see http://www.php.net/
2011-08-18Rob VandenBrinkPHP 5.37 release. Some security updates, plus lots of bug fixes ==> http://www.php.net/archive/2011.php#id2011-08-18-1
2010-08-31Bojan ZdrnjaInteresting PHP injection
2010-08-10Daniel WesemannSSH - new brute force tool?
2010-07-04Manuel Humberto Santander PelaezInteresting analysis of the PHP SplObjectStorage Vulnerability
2010-06-14Manuel Humberto Santander PelaezAnother way to get protection for application-level attacks
2010-05-23Manuel Humberto Santander Pelaeze-mail scam announcing Fidel Castro's funeral ... and nasty malware to your computer.
2010-02-27Guy BruneauPHP 5.2.13 Security Update
2010-01-29Johannes UllrichAnalyzing isc.sans.org weblogs, part 2, RFI attacks
2009-12-28Johannes Ullrich8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug)
2009-11-20Mark Hofman PHP 5.3.1 is released. With many of the websites on the net relying on PHP and the number of attacks we see, consider upgrading. This release has over 100 bug fixes, some of which are security related.
2009-08-01Deborah HaleWebsite Warnings
2009-06-26Mark HofmanPHPMYADMIN scans
2009-06-24Kyle HaugsnessExploit tools are publicly available for phpMyAdmin
2009-06-21Scott FendleyphpMyAdmin Scans
2009-04-07Johannes UllrichCommon Apache Misconception
2009-02-03Swa FrantzenOn the importance of patching fast
2008-12-10Stephen HallPHP Group has released PHP version 5.2.8
2008-09-09Swa Frantzenwordpress upgrade
2008-08-19Johannes UllrichA morning stroll through my web logs
2008-05-05John BambenekPHP 5.2.6 out w/ security updates
2006-12-24Swa FrantzenphpBB 2.0.22 - upgrade time
2006-11-29Toby KohlenbergNew Vulnerability Announcement and patches from Apple
2006-09-13Swa FrantzenPHP - shared hosters, take note.
site/port/ip search:

Announcement!

IPv6 Support Added

Our iptables client now supports submitting IPv6 firewall logs.

Get ISC Swag!!

Advertisement

Security News Feeds

InternetStormCenter
SANS Newsbites
SANS @Risk

Diary Archives

UDP port 1434 directed attack to AS13489 IP ranges - by: Manuel Humberto Santander Pelaez (2013-05-24)

MoVP II - by: Adrien de Beaupre (2013-05-23)

Privilege escalation, why should I care? - by: Adrien de Beaupre (2013-05-22)

View Diary Archives

Search Diaries:

SANS Institute

View our Privacy Policy

Contact Us

Phone: (757) SANS-ISC (726-7472) - Voice Mail Only
Web Contact: handlers@isc.sans.edu
Report Bugs: Sourceforge Project
Debug Info: Browser Debug Info

"The experiences gained in the SANS Technology Institute program have helped me advance in IBM, taking a more public facing role."
- Jerome Radcliffe, SANS Technology Institute Student

"SANS is a 'giving back to the community factory.' SANS encourages and fosters growing security awareness and growing the security community."
- Rob VandenBrink, Alumni of SANS Technology Institute