On Mon, 14 Jan 2008 00:15:27 +0000 Karanbir Singh <kbsingh@xxxxxxxxxx> wrote: > Mark Weaver wrote: > > those patches didn't do much for keeping one of my systems from > > being breached via php. from the looks of the web server logs as > > well as the messages log file that's where they got in. > > I am still waiting for you to post some demonstrate-able exploit in > the distro supplied php packages. > > - KB while I understand why you'd like proof of concept for the exploit it's not something I'd post on a public mailing list. Not to mention the exploit was trashed when I reloaded the system. At the time it didn't seem expedient for to save that which killed my server for posterity. Mark _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: PHP 5.2.5 when ?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: centos@xxxxxxxxxx
- Subject: Re: PHP 5.2.5 when ?
- From: Mark Weaver <mdw1982@xxxxxxxxxxx>
- Date: Sun, 13 Jan 2008 16:09:22 -0500
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <478AA99F.5050709@xxxxxxxxxx>
- References: <c42ba6aa0801110200r6f2e169bw8ace58a7a2983c21@xxxxxxxxxxxxxx> <47873F84.4020906@xxxxxxxxxx> <20080113080312.6d7a0fba@xxxxxxxxxxxxxxxxxxxxx> <alpine.LRH.1.00.0801131422530.19093@xxxxxxxxxxxxxxxxxxxxx> <20080113141404.0670a7cb@xxxxxxxxxxxxxxxxxxxxx> <478AA99F.5050709@xxxxxxxxxx>
- Follow-Ups:
- Re: PHP 5.2.5 when ?
- From: Karanbir Singh
- Re: PHP 5.2.5 when ?
- References:
- PHP 5.2.5 when ?
- From: Santa Claus
- Re: PHP 5.2.5 when ?
- From: Johnny Hughes
- Re: PHP 5.2.5 when ?
- From: Mark Weaver
- Re: PHP 5.2.5 when ?
- From: Joshua Baker-LePain
- Re: PHP 5.2.5 when ?
- From: Mark Weaver
- Re: PHP 5.2.5 when ?
- From: Karanbir Singh
- PHP 5.2.5 when ?
- Prev by Date: Re: PHP 5.2.5 when ?
- Next by Date: Re: PHP 5.2.5 when ?
- Previous by thread: Re: PHP 5.2.5 when ?
- Next by thread: Re: PHP 5.2.5 when ?
- Index(es):
 |