[prev in list] [next in list] [prev in thread] [next in thread]
List: zope-dev
Subject: Re: [Zope-dev] OT: These PHP guys are so funny
From: Stefane Fermigier <sf () nuxeo ! com>
Date: 2005-07-05 14:03:23
Message-ID: 42CA932B.3020807 () nuxeo ! com
[Download RAW message or body]
Florent Guillaume wrote:
> They use buggy eval() in their XMLRPC code, which of course causes
> massive security problems, notably with RSS...
>
> http://www.gulftech.org/?node=research&article_id=00088-07022005
> http://news.netcraft.com/archives/2005/07/04/
> php_blogging_apps_vulnerable_to_xmlrpc_exploits.html
>
> Florent
>
I sincerely hope we are better than they are.
S.
--
Stéfane Fermigier, Tel: +33 (0)6 63 04 12 77 (mobile).
Nuxeo Collaborative Portal Server: http://www.nuxeo.com/cps
Gestion de contenu web / portail collaboratif / groupware / open source!
["sf.vcf" (text/x-vcard)]
_______________________________________________
Zope-Dev maillist - Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic