l33t "security specialists"

Monday, December 18. 2006

I just noticed, that when you search for phpSATk in google you will find various posts of some "advisory" (including a "exploit") of some ~~l33t idiot kiddie~~ hacker which obviously has been posted a month ago (of course I was not notified). You can find the whole story here. First this is funny because the distribution (called beta1) they thought they hacked is 2 years old and I know about nobody (including myself) who is using it - I discontinued it in favor of a php5 version before it was usable. It seems like they were using some automatic scanning tool ~~or do really have no clue what they are talking about~~ because there obviously is no such vulnerability (look here and if you really want to - look at the code). On the other side this really sucks because everyone looking for phpSATk will now find some bogus security advisory.

To emphasize this again: This is not the software developed now and the security hole they claim to have found does not exist.

Posted by Moritz Bechler at 14:04 | Comments (0) | Trackbacks (0)

Trackbacks

Trackback specific URI for this entry

No Trackbacks

Comments

Display comments as (Linear | Threaded)

No comments

Add Comment

Name
Email
Homepage
In reply to
Comment	Enclosing asterisks marks text as bold (word), underscore are made via _word_. Standard emoticons like :-) and ;-) are converted to images. To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly. Enter the string from the spam-prevention image above: You can use [geshi lang=lang_name [,ln={y\|n}]][/lang] tags to embed source code snippets
	Remember Information?