Interesting. In the sans link that links from the phpclasses site, it meantions a good paper about how to secure php file uploads that showed up on the full disclosure mailing list the other day:
http://www.scanit.be/uploads/php-file-upload.pdf A good read for people who want to prevent this type of attack. -phpninja On 6/21/07, Scott Hill <[EMAIL PROTECTED]> wrote:
Don't know if anyone else has seen this, but I thought it was interesting. http://www.phpclasses.org/blog/post/67-PHP-security-exploit-with-GIF-images.html Scott Hill "May you solve interesting problems" - Author Unknown "A fanatic is one who can't change his mind and won't change the subject." - Sir Winston Churchill _______________________________________________ UPHPU mailing list [email protected] http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
_______________________________________________ UPHPU mailing list [email protected] http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
