Welcome to Geeklog, Anonymous Monday, January 30 2023 @ 10:04 am EST

Geeklog Forums

Vulnerability in search.php?


Status: offline

Yeraze

Forum User
Newbie
Registered: 02/19/06
Posts: 10
confused
I'm currently setting up a Geeklog website for a DOD agency, and the TNOSC has blocked the 'search.php' because:

the script enables buffer overflow attacks.


Anyone know anything more specific about what they may be referring to? I found an old CVE (CVE-2005-4026) about search.php, but it wasn't about buffer overflows.

:banghead:
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
That's certainly the first I am hearing about it ...

If you can get any more information, please forward it (or ask it to be forwarded) to our security contact, i.e. geeklog-security(AT)lists.geeklog.net and we'll look into the issue.

CVE-2005-4026 was mostly harmless (a path disclosure) and shouldn't have anything to do with a buffer overflow.

bye, Dirk
 Quote

All times are EST. The time is now 10:04 am.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content