|
Posted by Steve on 02/23/07 18:38
"Rik" <luiheidsgoeroe@hotmail.com> wrote in message
news:op.tn7q1znlqnv3q9@misant...
| shimmyshack <matt.farey@gmail.com> wrote:
| Rik <luiheidsgoe...@hotmail.com> wrote:
| >> Rik <luiheidsgoe...@hotmail.com> wrote:
| >> > shimmyshack <matt.fa...@gmail.com> wrote:
| >> >> This is the only statement in my httpd.conf:
| >>
| >> >> AddType application/x-httpd-php .php
| >>
| >> >> and yet the attack works.
| >> >> The server doesnt have to be set up to parse every doc for php, that
| >> >> was an assumption.
| >> >> Has anyone here tried it on their server?
| >>
| >> > Attack does not work here on the local server....
| >>
| >> And the live server is also safe :-)
| >
| > out of interest what are you running, is php a module, ta.
|
| Homebox:
| W2K, Apache 2.2.2, PHP 5.1.4 as a module.
|
| Live server:
| FreeBSD 5.3, Apache 2.0.54, PHP 4.4.2 (yes, still, goddamnit) as a module.
lol. it feels that way some times don't it. ;^)
[Back to original message]
|