FYI, the details have been published at https://nealpoole.com/blog/2011/08/possible-arbitrary-code-execution-with-null-bytes-php-and-old-versions-of-nginx/
Chinese hackers appear to be particularly interested in this vulnerability. I would recommend trying to release a patched version ASAP.
FYI, the details have been published at https:/ /nealpoole. com/blog/ 2011/08/ possible- arbitrary- code-execution- with-null- bytes-php- and-old- versions- of-nginx/
Chinese hackers appear to be particularly interested in this vulnerability. I would recommend trying to release a patched version ASAP.