Citat:
littleboy: Pa ne drzi svako sajt..
Da, ali zato svaki linux zealot 100 puta naglasava da prakticki mozes od doma hostati svoj web server dzaba, etc..
Citat:
Jeste poenta share the code, evo DJB sheruje kod pa niko nije eksploitovo nista od 98e, pa do dana danasnjeg ... kao sto rekoh, to je do programera..
A sta je taj DJB? Nesto PHP-alike? Ako ne, ne zanima me jer nema veze sa temom.
Od te fame o windoze softveru kao punom bugova mi se vec lagano povraca...
Sta kazes na one statistike od IIS 6.0 vs Apache 2.x koje sam postao par tema dole??
Evo ti za PHP vs ASP.NET:
ASP.NET
2004-03-08: Multiple Vendor HTTP Response Splitting Vulnerability
2003-11-14: Microsoft ASP.NET Request Validation Null Byte Filter Bypass Vulnerability
PHP
2004-03-24: PHP openlog() Buffer Overflow Vulnerability
2003-11-07: PHP emalloc() Unspecified Integer Overflow Memory Corruption Vulnerability
2003-11-07: PHP wordwrap() Heap Corruption Vulnerability
2003-09-24: PHP4 Multiple Vulnerabilities
2003-09-24: PHP4 Base64_Encode() Integer Overflow Vulnerability
2003-08-25: PHP Transparent Session ID Cross Site Scripting Vulnerability
2003-08-13: PHP Mail Function ASCII Control Character Header Spoofing Vulnerability
2003-08-13: PHP Function CRLF Injection Vulnerability
2003-08-13: PHP DLOpen Memory Disclosure Vulnerability
2003-07-17: PHP Undefined Safe_Mode_Include_Dir Safemode Bypass Vulnerability
2003-06-08: PHP STR_Repeat Boundary Condition Error Vulnerability
2003-06-08: PHP array_pad() Integer Overflow Memory Corruption Vulnerability
2003-06-04: PHP PHPInfo Cross-Site Scripting Vulnerability
2003-05-19: PHP Post File Upload Buffer Overflow Vulnerabilities
2003-05-07: PHP SafeMode Arbitrary File Execution Vulnerability
2003-04-14: PHP MySQL Safe_Mode Filesystem Circumvention Vulnerability
2003-03-26: PHP socket_recvfrom() Signed Integer Memory Corruption Vulnerability
2003-03-26: PHP socket_recv() Signed Integer Memory Corruption Vulnerability
2003-03-25: PHP socket_iovec_alloc() Integer Overflow Vulnerability
2003-02-19: PHP CGI SAPI Code Execution Vulnerability
2003-01-08: PHP 4.0.3 IMAP Module Buffer Overflow Vulnerability
2002-09-07: PHP Header Function Script Injection Vulnerability
2002-08-08: PHP HTTP POST Incorrect MIME Header Parsing Vulnerability
2002-07-22: PHP Interpreter Direct Invocation Denial Of Service Vulnerability
2002-04-25: PHP posix_getpwnam / posix_getpwuid safe_mode Circumvention Vulnerability
2002-03-21: PHP Move_Uploaded_File Open_Basedir Circumvention Vulnerability
Provjeri na
http://www.securityfocus.com/bid/vendor/ ako ne vjerujes..
A sta s tim losim programerima, kao, u OSS zajednici postoji labela koji je kod kvalitetan a koji nije?