> arbitrary PHP Codes as apache user. > From: <sl4shat_private> > MIME-Version: 1.0 > Content-Type: text/plain; charset="iso-8859-1" > Content-Transfer-Encoding: quoted-printable > Date: Sun, 1 Jul 2001 23:43:17 GMT > Message-id: <200107012343.115eat_private> > > Note : sorry for my pity english. Just to be clear this vulnerability is the one we reported in pre advisory form in April (http://www.securereality.com.au/srpre00001.html) and presented in detail at the Black Hat Briefings in Asia. All users that applied our patch are not vulnerable to this problem. We'll be releasing a detailed advisory describing this hole and a paper on exploiting PHP scripts very soon. Thanks, Shaun SecureReality Pty Ltd
This archive was generated by hypermail 2b30 : Mon Jul 02 2001 - 13:04:01 PDT