[pLog-svn] [Lifetype Vulnerability] Very Serious File Disclosure Problem (read passwords/config whatever you want)
howard chen
howachen at gmail.com
Wed Feb 14 00:29:39 EST 2007
On 2/14/07, Jon Daley <plogworld at jon.limedaley.com> wrote:
> Good catch Matt. As far as the server getting hosed, it is okay
> (relatively so) in my case since mysql doesn't allow connections from
> remote hosts. But, this is an issue particularly for hosts (that's
> probably pretty much all of them) that allow remote mysql access.
> I'll have to take a look at these sorts of bugs - Someone made a
> pass through during 1.0.4-1.0.6 timeframe, but there are presumably other
> ones like this.
>
hello,
can you confirm which version is affected?
thanks.
More information about the pLog-svn
mailing list