Hi y'all...back from a couple days away....

full info at:

http://www.cert.org/advisories/CA-2002-05.html


Systems Affected
Web servers running PHP
Overview
Multiple vulnerabilities exist in the PHP scripting language. These vulnerabilities could allow a remote attacker to execute arbitrary code with the privileges of the PHP process.

I. Description
PHP is a scripting language widely used in web development. PHP can be installed on a variety of web servers, including Apache, IIS, Caudium, Netscape and iPlanet, OmniHTTPd and others. Vulnerabilities in the php_mime_split function may allow an intruder to execute arbitrary code with the privileges of the web server. For additional details, see

http://security.e-matters.de/advisories/012002.html