NYCPHP Meetup

NYPHP.org

[nycphp-talk] php vulns from SecurityFocus Newsletter # 211

Jon Baer jonbaer at jonbaer.net
Mon Aug 25 22:12:23 EDT 2003


just as a request ...

id like to see some demos of some security vulnerabilities that are
constantly listed in security focus alerts @ some of the meetings ... for
one @ the beginning of getting into php id dive into code that was part of
some of these apps to notice how certain things were accomplished and then
for the apps to be listed like this makes me a little nervous ... either
that or a good white paper on secure php coding practices would help ...

i mean can this be taken as a joke:
PHPSecureSite SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/8427

(keep in mind this has already been fixed in the product) but the patch for
the problem was not easily located to see what was done.  anyone have a link
for these issues?

- jon




More information about the talk mailing list