lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CACRQBjBUgJ=xF1RZt3DcmG07rp9Zc-TijDdnsq8ssmiUT9+2Ew@mail.gmail.com> Date: Fri, 8 Jul 2011 22:27:21 +0200 From: Mango <h@...r.se> To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk, websec10@...-sec.org, websecurity@...ts.webappsec.org Subject: phpMyAdmin 3.x preg_replace RCE POC I'm flooded with requests for a POC and many doubt that these vulnerabilities are exploitable. And since this vulnerability is rather technically interesting I believe many could learn from it. http://ha.xxor.se/2011/07/phpmyadmin-3x-pregreplace-rce-poc.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists