I question the vulnerability. I don't think it applies. the alert is
from 2006, and there isn't a POC I have tested against php52- 5.2.17
with nulls in it that seems to trigger anything but 404 errors.
(please don't try on ours... this is not a challenge. but if you have a
POC, let me know
Hi,
On Thu, Mar 3, 2011 at 12:09 PM, Andrea Venturoli m...@netfence.it wrote:
Hello.
As you probably know, it looks like php52 is vulnerable:
Affected package: php52-5.2.17
Type of problem: php -- NULL byte poisoning.
Reference: