Hi,
In March the 25th, I wrote a line about a security problem with
PHP3+postgres+apache shipped with Potato, due to character encoding. The
security team judged it wasn't a security problem, so I suppose I can
publish details about the problem.
apache 1.3.9-14
php3 3.0.18-0p
Hi,
In March the 25th, I wrote a line about a security problem with
PHP3+postgres+apache shipped with Potato, due to character encoding. The
security team judged it wasn't a security problem, so I suppose I can
publish details about the problem.
apache 1.3.9-14
php3 3.0.18-0
On Mon, Mar 25, 2002 at 04:54:37PM +0100, Beno?t Sibaud wrote:
> I think I found a security problem in PHP3+postgres+apache shipped with
> Potato.
>
> Correct me if I'm wrong, but the following code should support any $var.
> If you uncomment the client_encoding line, I'm able to execute any
> r
On Mon, Mar 25, 2002 at 04:54:37PM +0100, Beno?t Sibaud wrote:
> I think I found a security problem in PHP3+postgres+apache shipped with
> Potato.
>
> Correct me if I'm wrong, but the following code should support any $var.
> If you uncomment the client_encoding line, I'm able to execute any
>
> > What's the normal way to make a security bug report?
> apt-get install bug
The 'bug' package is for "normal" bugs. [EMAIL PROTECTED] seems to be
the good place to report security problems. Sorry for my previous post.
--
Benoît Sibaud
R&D Engineer - France Telecom
--
To UNSUBSCRIBE, email
-Original Message-
From: Benoît Sibaud [mailto:[EMAIL PROTECTED]
Sent: Monday, March 25, 2002 4:55 PM
To: debian-security@lists.debian.org
Subject: Security problem in PHP3+Postgres with Potato?
> What's the normal way to make a security bug report?
apt-get install bug
__
> > What's the normal way to make a security bug report?
> apt-get install bug
The 'bug' package is for "normal" bugs. [EMAIL PROTECTED] seems to be
the good place to report security problems. Sorry for my previous post.
--
Benoît Sibaud
R&D Engineer - France Telecom
--
To UNSUBSCRIBE, email
-Original Message-
From: Benoît Sibaud [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 25, 2002 4:55 PM
To: [EMAIL PROTECTED]
Subject: Security problem in PHP3+Postgres with Potato?
> What's the normal way to make a security bug report?
apt-get install bug
___
8 matches
Mail list logo