[OT]Fake emails being as "failure to deliver"
J.T.Blaylock
yellowdog-general@lists.terrasoftsolutions.com
Thu Jun 10 07:11:35 2004
PHP is server side. It has nothing to do with browsers, so they will
all do the same thing.
J.T.
On Jun 9, 2004, at 10:06 PM, Eli wrote:
>
> On Wed, 2004-06-09 at 14:21, Norberto Quintanar wrote:
>> If you get an email message similiar to the one below don't click on
>> it. It's part of a malicious spammers idea to infect your computer
>> and get your password. It exploits a flaw/ bug in php. The PHP-Nuke
>> contains an exploitable SQL injection vulnerability that can be used
>> by attackers to cause the system to execute arbitrary SQL statements.
>
> so if i'm reading my email from my freebsd _workstation_, and happened
> to be using konqueror or evolution, and i foolishly click on the link -
> what will happen?
>
> is this thing going to try and execute arbitrary sql queries using php
> on my local workstation (freebsd)?
>
> i'm not running mysql or postgressql on my workstation. is the php
> script even going to get executed for that matter? what browsers are
> vulnerable, i wonder. (do they all execute php the same way?)
>
> what specific situation is this really exploiting? someone who is
> surfing the web from their server?
>
> just wondering.
>
> e
>
> _______________________________________________
> yellowdog-general mailing list
> yellowdog-general@lists.terrasoftsolutions.com
> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general
> HINT: to Google archives, try '<keywords> site:terrasoftsolutions.com'