Re: Security Advisory - #1

From: Dmitry Guyvoronsky (demiurgat_private)
Date: Thu Feb 07 2002 - 23:28:33 PST

Next message: Elan Hasson: "RE: Long path exploit on NTFS"

Previous message: Tom Micklovitch: "MSN contact list disclosure"
In reply to: Paul Brereton: "Security Advisory - #1"
Next in thread: Colby Marks: "RE: Security Advisory - #1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

PB> Details : By appending /123 to the end of a PHP file such as
PB> http://somehost/database.php/123 the PHP program will return its install
PB> path:
PB>  The following message is displayed : Premature end of script headers:
PB> C:/php/php.exe


This message is shown only if PHP installed as stand-alone CGI module.
In case of installation as web Apache module, "/123" will be simply
stored in global variable $PATH_INFO

-- 
With best regards,
Dmitry Guyvoronsky

Next message: Elan Hasson: "RE: Long path exploit on NTFS"
Previous message: Tom Micklovitch: "MSN contact list disclosure"
In reply to: Paul Brereton: "Security Advisory - #1"
Next in thread: Colby Marks: "RE: Security Advisory - #1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Feb 08 2002 - 17:39:57 PST