Re: New Santy-Worm attacks *all* PHP-skripts: msg#00160

Hi I informed isc.sans.org about this on saturday morning but they failed to explicitly mention that it wasn't only phpBB related However setting register_globals to Off doesn't protect you completly The script could be modified to use fopen to download the "sploit" http://www.php-space.info/webmaster-news-3.php There is some "less heavy" exploiting in the wild seen using this -- fedora-legacy-list mailing list fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list

<Prev in Thread]	Current Thread	[Next in Thread>

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: PHP vulnerabilities?, Dan Hollis
Next by Date:	db4 Upgrade, Carlos Arturo Trujillo Silva
Previous by Thread:	*New Santy-Worm attacks all* PHP-skripts (fwd)*, Pekka Savola*
Next by Thread:	db4 Upgrade, Carlos Arturo Trujillo Silva
Indexes:	[Date] [Thread] [Top] [All Lists]

^^^ ADDITIONAL NAVIGATION ^^^

Recently Viewed:
handhelds.pocke... colinux.general... apache.maven.no... kde.freebsd/200... emacs.devel/200... qnx.openqnx.dev... lib.fox-toolkit... genealogy.gramp... bug-tracking.gn... yellowdog.gener... network.zebra.b... recreation.radi... mathematics.aba... internationaliz... freebsd.devel.n... xfree86.cvs/200... security.cyrus.... desktop.xfce.de... text.xml.french... video.gimp.deve... windows.devel.d... politics.activi... user-groups.lin... java.ejb.middle...

Home | blog view | USPTO Patent Archive (NEW!) | advertise | OSDir is an inevitable website. super tiny logo