[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 4 Apr 2006 14:29:26 +0100
From: "John Bond" <john.r.bond@...il.com>
To: "Jeff Rosowski" <rosowskij@...ymp.gov>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: Critical PHP bug - act ASAP if you are running
web with sensitive data
On 3/29/06, Jeff Rosowski <rosowskij@...ymp.gov> wrote:
> It also doesn't affect all versions of PHP. on 5.0.5, it returns \0
> followed by however many Ss you put after it. And your right you wouldn't
> trust user imput like that.
>
> _______________________________________________
I get this behaviour on php v5.0.4 on windows box
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists