Is php 4.0.6 really unsecure???

Hey folks, here is the delima.

My host has several servers, some of them are running php4.1.1 others are running 4.0.6.
Are either of these actually worthy of tight security with normal settings in place? i.e... file uploads set to enabled

Reading over some of the post on thier forum, apparently both of the above are open to security breaches from some command line hackers... which can, HAVE, and I am sure will continue to have full (self granted) access priveleges to the entire server.

When I asked support of when they expect to upgrade 'my server' I was giving a response that was not very well recieved, In fact it pissed me off!
The response is as follows:
Our ticket system has taken priority to software upgrades. We will be preparing for software upgrades again once we get our ticket queue back under control.

It is in our plans, but I can't give you a schedule just yet.

While the above response may seem reasonable to some minute extent, it does not make me very comfortable.


Any thoughts of what to do and how to react would be appreciated.

Thanks,
snoooky~

 

 

 

 

Top