[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Unofficial PHP 4.1.2 PKG available

Hi Andreas,

> I was urged to compile a new php 4.1.2. module to fix that security bug
> in earlier versions. I made a nice *.pkg file which everyone can get on
> ftp://ftp.cobalthosting.ch/pub/optional/RaQ3-PHP-4.1.2-1.pkg .

Your package is phoning home.

Beware, anyone: If you install this package, then an email is generated and 
sent to a.petralli@xxxxxxxxxx and to register@xxxxxxxxxxxxx, including 
detailed information about your server:

<<COBALT RECEPTOR>>
<<VENDOR VENDOR_NAME = <Cobalthosting.ch, Arpanet AG Switzerland> >>
<<VENDOR PRODUCT_NAME = <PHP 4.1.2 PKG> >>
<<VENDOR PRODUCT_VERSION = <1.0> >>
<<VENDOR PRODUCT_VARIANT = <full version> >>
<<VENDOR MULTI_SITE = [true] >>
<<VENDOR EVENT_TYPE = [install] >>
<<VENDOR MY_CUSTOM_TAG = my custom value >>

<<COBALT REGISTER_VERSION = 1.1.1 >>
<<COBALT INSTALL_DATE = 3/1/2002 21:57:42 >>
<<COBALT INSTALL_ZONE = Europe >>
<<COBALT INSTALL_HOUR = 21 >>
<<COBALT INSTALL_MINUTES = 57 >>
<<COBALT INSTALL_MONTH = 3 >>
<<COBALT INSTALL_DAY = 1 >>
<<COBALT INSTALL_YEAR = 2002 >>
<<COBALT HOSTNAME = XXX.XXX.XXX >>
<<COBALT ADMIN_EMAIL = admin@xxxxxxxxxxx >>
<<COBALT CPU = 298.807 >>
<<COBALT CPU_MODEL = AMD-K6(tm) 3D processor >>
<<COBALT MEMORY = 387336 kB >>
<<COBALT HARD_DISK_CONFIG = hda1(743466/) hda3(198601/var) hda4(8579124/home) 
 >>
<<COBALT RELEASE = release 5.0 (Pacifica) >>
<<COBALT BUILD = build 3.148 for a 3000R in English >>
<<COBALT KERNEL_RELEASE = 2.4.17 >>
<<COBALT KERNEL_VERSION = #1 Fri Feb 1 10:52:03 EST 2002 >>
<<COBALT IP_ADDR = XXX.XXX.XXX.XXX >>
<<COBALT MAC_ADDR = 00:10:XX:XX:XX:XX   >>
<<COBALT /RECEPTOR>>

It's nothing malicious and an officially implemented method in the PKG 
package standard. However, it's rarely used.

So install at your own risk, indeed! :o/

-- 

With best regards,

Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer