[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data

To: "Jeff Rosowski" <rosowskij@xxxxxxxxxx>
Subject: Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data
From: "John Bond" <john.r.bond@xxxxxxxxx>
Date: Tue, 4 Apr 2006 14:29:26 +0100

On 3/29/06, Jeff Rosowski <rosowskij@xxxxxxxxxx> wrote:

> It also doesn't affect all versions of PHP.  on 5.0.5, it returns \0
> followed by however many Ss you put after it. And your right you wouldn't
> trust user imput like that.
>
> _______________________________________________

I get this behaviour on php v5.0.4 on windows box

References:
- Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data
  - From: Jeff Rosowski

Prev by Date: Re: recursive DNS servers DDoS as a growing DDoS problem
Next by Date: Re: Limbo CMS code execution
Previous by thread: Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data
Next by thread: Re: Re: Cantv/Movilnet's Web SMS vulnerability.
Index(es):
- Date
- Thread