Home page logo

basics logo Security Basics mailing list archives

Re: PHP Security Risk?
From: Andrew Smith <stfunub () gmail com>
Date: Thu, 2 Dec 2004 18:55:37 +0000

I've heard of people uploading and compiling source code in a temp directory

On Wed, 1 Dec 2004 18:53:15 -0500, Stephane Auger
<stephaneauger () pre2post com> wrote:

Hi guys,

  I don't know if this is the right mailing list to ask this, if not
don't hesitate to warn me.  I'm using a Windows Server 2003 with IIS6
and PHP5.  Fully patched, by the way.  Someone asked me to enable the
file-upload function in PHP so people could upload files to his web
site, which is one of many I host.  Does anyone know if file uploading
in PHP could cause a security risk on the server?  I know there used to
be many flaws in the old versions, but I don't know about now... I
haven't seen anything recent about this.  Thanks for your help!

Stephane Auger


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]