Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: file_exists() bypassing , critical problem ?

From: "VeNoMouS" <venom () gen-x co nz>
Date: Tue, 3 Feb 2004 09:30:38 +1300
how is this even RELATED to full-disclosure??? man u might as well talk bout
the sco and microsoft dos, its going along the same dribble.

----- Original Message ----- 
From: "Nourredine Himeur" <nourredine.himeur () assephira com>
To: <full-disclosure () lists netsys com>; <m.esco () wp pl>
Sent: Monday, February 02, 2004 11:58 PM
Subject: Re: Re: [Full-disclosure] file_exists() bypassing , critical
problem ?



There are various methods for securing file_exists() ...

If you want to secure ... so that's unsecure , is'nt it ?


I don't think that is critical problem.

If it's not a problem Why you show us a methode to secure ?

I think many programmers don't know this problem exists !
But there is too much hypocresy in php community to admit this
vulnerability.

The article : http://www.zend.com/zend/art/art-oertli.php
don't talk about this sorry...

Nourredine Himeur

www.security-challenge.com




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: