| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: venom at gen-x.co.nz (VeNoMouS) Subject: file_exists() bypassing , critical problem ? how is this even RELATED to full-disclosure??? man u might as well talk bout the sco and microsoft dos, its going along the same dribble. ----- Original Message ----- From: "Nourredine Himeur" <nourredine.himeur@...ephira.com> To: <full-disclosure@...ts.netsys.com>; <m.esco@...pl> Sent: Monday, February 02, 2004 11:58 PM Subject: Re: Re: [Full-Disclosure] file_exists() bypassing , critical problem ? > > There are various methods for securing file_exists() ... > If you want to secure ... so that's unsecure , is'nt it ? > > >I don't think that is critical problem. > If it's not a problem Why you show us a methode to secure ? > > I think many programmers don't know this problem exists ! > But there is too much hypocresy in php community to admit this > vulnerability. > > The article : http://www.zend.com/zend/art/art-oertli.php > don't talk about this sorry... > > Nourredine Himeur > > www.security-challenge.com > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html >
Powered by blists - more mailing lists