1. How to do it
2. How to stop it
Is this something to do with server config, or poor coding, perhaps both?
Someone please enlighten me.
EDIT: spammers suck, down with all spam.
P.s. Merry X-Mas..
Moderator: General Moderators
You need the PoC? Search the bugtraq mailing list.fresh wrote:What was the point of that stupid advisory? It read more like a marketing brochure for their group than a security advisory.. who the hell posts a security advisement without proving it works?
Why do you need it?... I would still like to know two things:
1. How to do it
Upgrade to the latest versionfresh wrote: 2. How to stop it
What's so wrong with upgrading?Is this something to do with server config, or poor coding, perhaps both? If this vulnerbalitiy can allow someone to run shell code, then I'd say these guys need to come up with something better than upgrade to the latest, or try my product..
Stefan Esser is respectable enough.
I don't know how respectable these guys are
It's already fixed. In latest versions of php (for both branches).I just think it is completly absurd to say this and this can happen and then to turn around and say oh and we aren't telling you s**t about how to stop it or fix it or to provide an example of what makes it happen.. I mean how else are we to work to fix it otherwise?
If you ever notice a spam, just notify moderators. We will take necessary actions. No need to start any rant.EDIT: And what the f**k is up with these dumbasses spamming this forum!!