Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: PHP ip2long() function circumvention

from [darylf] Network Security [Permanent Link]
Subject: Re: PHP ip2long() function circumvention
Date: 29 Jul 2006 21:43:14 -0000 
I think you should have reported this as a MiniBB vulnerability (and I'm 
assuming you have).
I don't know if I would really classify this as an issue with the PHP function, 
though it may require looking into. I recently discovered similar behavior in 
Windows resolving applications. I can't be certain that the Windows resolver 
itself is the culprit, as I haven't tested (maybe one of you would like to do 
so), but when using the "/dns" command in mIRC, a tab and other special 
characters as an argument (preceding valid input data) seems to return the 
local host name.
I'm not sure whether that's expected behavior, but it's very similar to this, 
only less relevant to the security of a particular application.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Portail PHP v1.7 Remote File Include, x0r0n
Next by Date:  [Full-disclosure] Re: Do world's famous companies take care of their security?, Steven M. Christey
Previous by Thread:  PHP ip2long() function circumvention, rgod
Next by Thread:  Coppermine Photo Gallery v1.2.2b-Nuke Remote File Inclusion Vulnerabilities, A-S-T2006
Indexes:  [Date] [Thread] [Top] [All Lists]