If you currently use PHP (versions prior to 4.3.10), you may be susceptible to a vulnerability through the "unserialize" function. This could
allow a
remote user access to your web server content. If you are using an older
version of PHP, we strongly recommend that you upgrade as soon as possible.
To upgrade to PHP 4.3.10, run the following command from your VPS shell
prompt:
For original VPS or Solaris VPS accounts:
vinstall php4-dso
For VPS v2 accounts:
vinstall php4
For accounts using PHP-CGI:
vinstall php4-cgi
The above instructions also apply to MPS accounts. All Signature accounts have already been updated.
Important: If you choose to upgrade your PHP install, you may also need to upgrade MySQL. After installing PHP 4.3.10 if you find you are no longer able to connect to your database(s) via PHP, it will be necessary to upgrade your MySQL in order to resolve the problem.
More information about the vulnerability may be found at:
http://www.php.net/release_4_3_10.php
How do I know if I am using PHP?
Web page files with a .php extension typically indicate php usage. Also, you can check for a line in your httpd.conf file similar to this one:
LoadModule php4_module modules/mod_php4-4.x.x.so
If you have any questions or concerns, please contact our Technical
Support Staff