why is a .txt file being run as a php script?
Reindl Harald
h.reindl at thelounge.net
Mon Oct 8 18:18:08 UTC 2012
Am 08.10.2012 20:12, schrieb Joe Zeff:
> On 10/08/2012 11:08 AM, Tom Horsley wrote:
>> Anyone have any clue what is causing this to happen?
>> I can't imagine this is something that would be desirable
>> behavior :-).
>
> What are the permissions on the file?
apache/php is not interesed at all in execute-flags
this is widely known and caused by the "MultiViews" option
and can also lead to execute PHP if images contain code
and saved with .php.gif
you can simply add php-code at the end of a image without
break image display - this is a know exploit vector for
uploaded images
Options -MultiViews
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20121008/99ba489a/attachment-0001.sig>
More information about the users
mailing list