Are sites that only allow trusted, registered users also affected by this issue?
To my knowledge our site does not allow anonymous users to submit announcements.
Thanks,
Brady
On Fri, 25 Feb 2005 11:01:59 -0500, Matthew McNaney
<ma...@tu...> wrote:
> The security problem is serious. You can change your MIME type to
> disguise the file.
>
> Shut down your announcement modules NOW. We are investigating this issue
> further.
>
> --
> Matthew McNaney
> Electronic Student Services
> Appalachian State University
> http://phpwebsite.appstate.edu
>
> -------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from real users.
> Discover which products truly live up to the hype. Start reading now.
> http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
> _______________________________________________
> Phpwebsite-developers mailing list
> Php...@li...
> https://lists.sourceforge.net/lists/listinfo/phpwebsite-developers
>
--
To send me encrypted email or verify my signature, my public key is
available <a href="http://bradybellinger.com/brady.asc">here</a>.
|
