Re: Re: any security problems with this?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, June 12, 2007 2:41 pm, Eric Butera wrote:
> Hopefully nobody has phpinfo just sitting out on a production server.

A quick Google:
http://www.google.com/search?hl=en&q=%22Zend+logo+This+program+makes+use+of+the+Zend+Scripting+Language+Engine%3A%22&btnG=Google+Search

will tell you that you hope in vain.

In fact, Google says that there are about 151,000 production servers
have phpinfo() just sitting out there...

Granted, some of those will be intentional by people who know what
they are doing and what they are risking.

I'm guessing that with a little effort, you could even search for
phpinfo() pages exposing passwords that are allegedly protected by
being in root-owned httpd.conf

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux