Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19
Another PHP Vulnerability
Results 1 to 8 of 8

Thread: Another PHP Vulnerability

  1. #1
    Mentor coltrane's Avatar
    Join Date
    May 2001
    Location
    North Carolina
    Posts
    1,390

    Another PHP Vulnerability

    Linkage : http://www.php.net/release_4_2_2.php

    Geez, keep this up and Im going to have to start using JSP

  2. #2

    Re:Another PHP Vulnerability

    Tis why I don't like PHP.

  3. #3
    Guest

    Re:Another PHP Vulnerability

    Open Source is starting to get a bad name when it comes to security these days :-\

  4. #4
    Guest

    Re:Another PHP Vulnerability

    [quote author=Ralinx link=board=9;threadid=4295;start=0#42504 date=1027437634]
    Open Source is starting to get a bad name when it comes to security these days :-\
    [/quote]

    no worse than other development styles, plus we fix bugs quicker...

  5. #5
    Guest

    Re:Another PHP Vulnerability

    [quote author=Lovechild link=board=9;threadid=4295;start=0#42522 date=1027441016]
    no worse than other development styles, plus we fix bugs quicker...
    [/quote]

    i'm not saying it's worse and yes, we do fix them quicker
    however, it doesn't matter

    if u read articles about security in open source and security in proprietary code they will include links to stories like this.. about vulnerabilities in PHP, Apache, ...
    they won't mention however that fixes are usually out the next day (if it takes that long in the first place). in fact, they won't even mention the fixes at all. they will just say: "hey look, they had vulnerabilities too"

    now your probably thinking "so what? it's obvious that these sites suck and are of no value"
    yes that's true, but the people we are trying to convert to open source are exactly the kind of people who read those sites

  6. #6
    Guest

    Re:Another PHP Vulnerability

    Well I normally convert my friends and they all know my servers track record of getting succesfully hacked... and they of course know how stable my PC is. So I don't really care about many of those theorical security bugs as most of them really are.

  7. #7

    Re:Another PHP Vulnerability

    Lovechild: when big software like Apache, OpenSSH, PHP, BIND, etc. all appear on BugTraq it IS bad. In the case of a commercial application, someone who knows nothing (IT, MCSE, etc.) thinks "Oh, it's because it's such a big app and has so much features; it's normal that they have a security flaw once in a while." But when it's about open-source, the reaction can be more like: "What can you expect from people that are not paid? They don't know their stuff and they probably put these intentionally!"


  8. #8
    Guest

    Re:Another PHP Vulnerability

    I personally don't know many people who actually read BugTraq (or similar services) and those that do know that nobody is perfect least of all programmers.

    The problem really is that people who don't know dick about software print about "serious" bugs in software when ever there's a slow news day. And if you notice it, most of those news end with the message:
    "A fix has already been made, get it here"

    unless of course they are reporting about M$ in which case I have never seen such a message. or that, this is a bug scheduled to be fixed in the next Service pack...



Similar Threads

  1. OS X Spyware (older vulnerability)
    By Kernel_Killer in forum Security
    Replies: 0
    Last Post: 07-31-2010, 10:31 PM
  2. Ubuntu Privilege Escalation Vulnerability (9.10/10.04)
    By Kernel_Killer in forum Security
    Replies: 0
    Last Post: 07-31-2010, 10:28 PM
  3. nano editor symbolic links vulnerability
    By Kernel_Killer in forum Security
    Replies: 0
    Last Post: 06-02-2010, 04:43 PM
  4. Another local kernel vulnerability
    By demian in forum Linux - Software, Applications & Programming
    Replies: 5
    Last Post: 04-12-2004, 03:03 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •