Full Disclosure mailing list archives
Re: Critical PHP bug - act ASAP if you are running web with sensitive data
From: "John Bond" <john.r.bond () gmail com>
Date: Tue, 4 Apr 2006 14:29:26 +0100
On 3/29/06, Jeff Rosowski <rosowskij () ie ymp gov> wrote:
It also doesn't affect all versions of PHP. on 5.0.5, it returns \0 followed by however many Ss you put after it. And your right you wouldn't trust user imput like that. _______________________________________________
I get this behaviour on php v5.0.4 on windows box _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Moriyoshi Koizumi (Apr 03)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Jasper Bryant-Greene (Apr 03)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Jasper Bryant-Greene (Apr 03)
- Message not available
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Moriyoshi Koizumi (Apr 05)
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data Jasper Bryant-Greene (Apr 03)
- <Possible follow-ups>
- Re: Critical PHP bug - act ASAP if you are running web with sensitive data John Bond (Apr 04)