SF new column announcement: PHP apps - Security's Low-Hanging Fruit (fwd)



The following column was published on SecurityFocus today:

PHP apps: Security's Low-Hanging Fruit
by Kelly Martin
published 2007-01-08

PHP has become the most popular application language on the web, but common security mistakes by developers are giving PHP a bad name. Here's how PHP coding errors have become the new low-hanging fruit for attackers, contributing to the phishing problems on the web.

http://www.securityfocus.com/columnists/427


