[Bug 491835] Re: PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal

2009-12-03 Thread Marc Deslauriers
No problem, thanks. ** Changed in: php5 (Ubuntu) Status: New => Invalid -- PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal https://bugs.launchpad.net/bugs/491835 You received this bug notification because you are a member of Ubuntu Server Team, which is a direct subscribe

[Bug 491835] Re: PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal

2009-12-03 Thread Toomas Vahtra
Zend Optimizer version has > magic_quotes_gpc = Off that's the only difference, besides some Zend configuration. So when I turn magic quotes On, that problem disappears. Seems that it's not a bug, but just a configuration mistake. Sorry for wasting your time and thank you for everything. ** Atta

[Bug 491835] Re: PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal

2009-12-03 Thread Toomas Vahtra
Ok, now I can't reproduce, with default php.ini. So the problem seems to be with the php.ini that came with Zend Optimizer

[Bug 491835] Re: PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal

2009-12-03 Thread Toomas Vahtra
Using Zend Optimizer 3.3.3 as stated before

$ php --version
PHP 5.2.4-2ubuntu5.9 with Suhosin-Patch 0.9.6.2 (cli) (built: Nov 26 2009 13:59:08)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies

Here is the phpinfo() output

I'll try using the orig

[Bug 491835] Re: PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal

2009-12-03 Thread Marc Deslauriers
/usr/local/Zend/etc/php.ini? That's not the file from the libapache2-mod-php5 package... Could you attach the result of phpinfo(), please?

[Bug 491835] Re: PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal

2009-12-03 Thread Toomas Vahtra
/usr/local/Zend/etc/php.ini attached ** Attachment added: "php.ini" http://launchpadlibrarian.net/36393620/php.ini

[Bug 491835] Re: PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal

2009-12-03 Thread Marc Deslauriers
Could you please attach your /etc/php5/apache2/php.ini file, I still can't reproduce this issue.

[Bug 491835] Re: PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal

2009-12-03 Thread Toomas Vahtra
I reproduced the same effect using webroot /var/www file test.php: http://myserver/test.php?pageID=/../../../etc/resolv.conf%00 filesystem is ext3 on a local harddrive

[Bug 491835] Re: PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal

2009-12-03 Thread Marc Deslauriers
Thanks for reporting this issue. I can't seem to reproduce this with a fresh installation of php 5.2.4-2ubuntu5.9 on hardy. Where is your web root located, so I can try with the same directory as you? (you've got a lot of ../../../../ there...) What type of filesystem is your server using? Is yo

[Bug 491835] Re: PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal

2009-12-03 Thread Marc Deslauriers
** Changed in: php5 (Ubuntu) Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

[Bug 491835] Re: PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal

2009-12-03 Thread Toomas Vahtra
** Visibility changed to: Private -- PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal https://bugs.launchpad.net/bugs/491835 You received this bug notification because you are a member of Ubuntu Server Team, which is a direct subscriber. -- Ubuntu-server-bugs mailing list Ubuntu-

[Bug 491835] Re: PHP 5.2.4-2ubuntu5.9 Possible exploit using directory traversal

2009-12-03 Thread Toomas Vahtra
** Visibility changed to: Public