 |
 |
 |
 |
|
|
Date: 09/05/00
- Next message: Stanislav Malyshev: "Re: [PHP-DEV] Re: [PHP] [Fwd: (SRADV00001) Arbitrary filedisclosurethrough PHP file upload]"
- Previous message: Johannes Scherbaum: "[PHP-DEV] Re: PHP 4.0 Bug #5671 Updated: problems with asp"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ZS>> Great, thanks!
ZS>> I've strengthened (and fixed) the actual logic of the protection code, so
ZS>> it's now supposed to actually work, instead of just not crashing :)
ZS>> Everyone who can check it - please do - I want to update Bugtraq.
Note that we still have problem with "fake upload" - you can force file
upload script into thinking it has a valid upload while it has not.
-- Stanislav Malyshev stas <email protected> http://www.zend.com/ +972-3-6139665 ext.106-- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: php-dev-unsubscribe <email protected> For additional commands, e-mail: php-dev-help <email protected> To contact the list administrators, e-mail: php-list-admin <email protected>
- Next message: Stanislav Malyshev: "Re: [PHP-DEV] Re: [PHP] [Fwd: (SRADV00001) Arbitrary filedisclosurethrough PHP file upload]"
- Previous message: Johannes Scherbaum: "[PHP-DEV] Re: PHP 4.0 Bug #5671 Updated: problems with asp"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]