From: [EMAIL PROTECTED] Operating system: RH Linux PHP version: 4.3.0RC1 PHP Bug Type: Apache related Bug description: Reopening bug #19113
The *critical* error described in #19113 still exists in 4.3.0RC1. Misuse of HTTPs CONNECT-header allows tunneling and relaying of various services (like e.g. SMTP in intranets). There are thousands of open relays outside due to this bug. regards dtg -- Edit bug report at http://bugs.php.net/?id=20517&edit=1 -- Try a CVS snapshot: http://bugs.php.net/fix.php?id=20517&r=trysnapshot Fixed in CVS: http://bugs.php.net/fix.php?id=20517&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=20517&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=20517&r=needtrace Try newer version: http://bugs.php.net/fix.php?id=20517&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=20517&r=support Expected behavior: http://bugs.php.net/fix.php?id=20517&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=20517&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=20517&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=20517&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=20517&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=20517&r=dst IIS Stability: http://bugs.php.net/fix.php?id=20517&r=isapi
