Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Security Advisory - #1
From: Dmitry Guyvoronsky <demiurg () altaee com>
Date: Fri, 8 Feb 2002 09:28:33 +0200


PB> Details : By appending /123 to the end of a PHP file such as
PB> http://somehost/database.php/123 the PHP program will return its install
PB> path:
PB>  The following message is displayed : Premature end of script headers:
PB> C:/php/php.exe


This message is shown only if PHP installed as stand-alone CGI module.
In case of installation as web Apache module, "/123" will be simply
stored in global variable $PATH_INFO

-- 
With best regards,
Dmitry Guyvoronsky


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]