[Zope-dev] OT: These PHP guys are so funny

Stefane Fermigier sf at nuxeo.com
Tue Jul 5 10:03:23 EDT 2005


Florent Guillaume wrote:
> They use buggy eval() in their XMLRPC code, which of course causes  
> massive security problems, notably with RSS...
> 
> http://www.gulftech.org/?node=research&article_id=00088-07022005
> http://news.netcraft.com/archives/2005/07/04/ 
> php_blogging_apps_vulnerable_to_xmlrpc_exploits.html
> 
> Florent
> 

I sincerely hope we are better than they are.

   S.

-- 
Stéfane Fermigier, Tel: +33 (0)6 63 04 12 77 (mobile).
Nuxeo Collaborative Portal Server: http://www.nuxeo.com/cps
Gestion de contenu web / portail collaboratif / groupware / open source!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sf.vcf
Type: text/x-vcard
Size: 275 bytes
Desc: not available
Url : http://mail.zope.org/pipermail/zope-dev/attachments/20050705/6e1f8665/sf.vcf


More information about the Zope-Dev mailing list