Quoting Olivier <oliv...@ablinux.com>:
suhosin[2446]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'view' (attacker 'XXX.XXX.XXX.XXX', file '.../services/ajax.php')
Still waiting for someone to tell me how a NULL character, by itself, is a security threat.
Maybe suhosin should also filter out j, a, v, s, c, r, i, p, and t characters because they can be used to create XSS attacks.
michael ___________________________________ Michael Slusarz [slus...@horde.org] -- IMP mailing list Frequently Asked Questions: http://horde.org/faq/ To unsubscribe, mail: imp-unsubscr...@lists.horde.org
