[AusNOG] Fwd: PEAR PHP Compromised - Possible Backdoor Going Back 6 Months!

Noel Butler noel.butler at ausics.net
Thu Jan 24 16:30:33 EST 2019


This did the rounds of twitter last night, but incase your heads been in
the sand... 

-------- Original Message -------- 
If you use the popular PEAR PHP extension or have within the last 6
months, there is a possibility that a backdoor could have been
introduced depending on how you installed the extension.

"... this does *not* affect the PEAR installer package itself... it
affects the go-pear.phar executable that you would use to initially
install the PEAR installer. Using the `pear` command to install various
PEAR package is *not* affected."

There is still a lot of questions and PEAR PHP are in the process of
investigating the full extent of what happened. Please check the
references below for the latest updates.

Reference(s):
------------

https://twitter.com/pear

http://blog.pear.php.net/

-- 
Kind Regards, 

Noel Butler 

 		This Email, including any attachments, may contain legally privileged
information, therefore remains confidential and subject to copyright
protected under international law. You may not disseminate, discuss, or
reveal, any part, to anyone, without the authors express written
authority to do so. If you are not the intended recipient, please notify
the sender then delete all copies of this message including attachments,
immediately. Confidentiality, copyright, and legal privilege are not
waived or lost by reason of the mistaken delivery of this message. Only
PDF [1] and ODF [2] documents accepted, please do not send proprietary
formatted documents 

 

Links:
------
[1] http://www.adobe.com/
[2] http://en.wikipedia.org/wiki/OpenDocument
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20190124/926143e9/attachment.html>


More information about the AusNOG mailing list