OSVDB

OSVDB means Open Source Vulnerability Database

http://osvdb.org/

输入ID 12184

Views This Week Views All Time Added to OSVDB Last Modified Modified (since 2008) Percent Complete 66 23923 almost 10 years ago almost 4 years ago 3 times 90%

Timeline Disclosure Date 2004-11-28

Description PHP contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker makes certain HTTP requests with crafted arguments, which will disclose PHP version and another sensitive information resulting in a loss of confidentiality.

Solution No patches are necessary to correct this issue. Set the "expose_php" setting to "Off" in the php.ini file, which will disable this functionality.