Full Disclosure mailing list archives

Re: How secure is PHP ?

From: Stefan Esser <s.esser () e-matters de>
Date: Thu, 4 Nov 2004 13:39:23 +0100

Nice try Ron,

while PHP indeed had lots of advisories in the past, your
list is FUD.

Many of the listed vulnerabilities are within non standard
or even EXPERIMENTAL extensions, are theoretical vulnerabilities,
are only exploitable if precondition a,b,c,d,e,f,g is fullfilled
or are only affecting the windows platform.

Stefan



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

How secure is PHP ? Nayana Somaratna (Nov 01)
- Re: How secure is PHP ? ph0enix (Nov 01)
- Re: How secure is PHP ? Gary E. Miller (Nov 01)
  - Re: How secure is PHP ? Dan Margolis (Nov 02)
    - Re: How secure is PHP ? Gary E. Miller (Nov 02)
    - Re: How secure is PHP ? Ron DuFresne (Nov 04)
    - Re: How secure is PHP ? Stefan Esser (Nov 04)
    - Re: How secure is PHP ? Ron DuFresne (Nov 22)
    - Re: How secure is PHP ? Gary E. Miller (Nov 04)
    - Re: How secure is PHP ? Dan Margolis (Nov 11)
  - Re: How secure is PHP ? Adam Jacob Muller (Nov 02)
- Re: How secure is PHP ? Morgan Reed (Nov 02)
- <Possible follow-ups>
- RE: How secure is PHP ? Sandeep Sengupta (Nov 01)
  - Re: How secure is PHP ? Meder Kydyraliev (Nov 01)
- Re: How secure is PHP ? J b (Nov 04)
  - Re: How secure is PHP ? VeNoMouS (Nov 04)
  - Re: How secure is PHP ? Matt (Nov 05)

(Thread continues...)