Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure: Re: Critical PHP bug - act ASAP if you are running web with sensitive data

Re: Critical PHP bug - act ASAP if you are running web with sensitive data

From: John Bond <john.r.bond_at_gmail.com>
Date: Tue, 4 Apr 2006 14:29:26 +0100

On 3/29/06, Jeff Rosowski <rosowskij_at_ie.ymp.gov> wrote:

> It also doesn't affect all versions of PHP. on 5.0.5, it returns \0
> followed by however many Ss you put after it. And your right you wouldn't
> trust user imput like that.
>
> _______________________________________________

I get this behaviour on php v5.0.4 on windows box

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Received on Apr 04 2006

This message: [ Message body ]
Next message: Richard Horsman: "[SEC-1 LTD] HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability"
Previous message: john kalergis: "Re: Kazaa"
Maybe in reply to: Moriyoshi Koizumi: "Re: Critical PHP bug - act ASAP if you are running web with sensitive data"
Next in thread: Moriyoshi Koizumi: "Re: Critical PHP bug - act ASAP if you are running web with sensitive data"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]