ID: 19113 Comment by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] Status: Feedback Bug Type: Apache related Operating System: FreeBSD 4.6.2 PHP Version: 4.2.2 New Comment:
This bug is VERY serious. Our web servers have be attacked and used for relaying SPAM. Spammers are using the CONNECT command to proxy to open relay servers masking their IP addresses with ours. Previous Comments: ------------------------------------------------------------------------ [2002-12-12 05:52:03] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php4-latest.tar.gz For Windows: http://snaps.php.net/win32/php4-win32-latest.zip ------------------------------------------------------------------------ [2002-12-12 05:19:30] [EMAIL PROTECTED] I was now able reproduce this problem, but only in case when index.php was in DocumentRoot of first defined name-based virtual server (which is accepted as the default on that IP/port in such case), and index.php was the default script to execute (if there was something before index.php in DirectoryIndex and if it also existed in DocumentRoot of the default vhost, the bug did not apply). Therefore, i think it is really a php bug I reproduced this with Apache-1.3.26+php-4.1.2 on debian GNU/linux 3.0-woody and also Apache-1.3.27+php-4.2.3 on FreeBSD-4.6.2 ------------------------------------------------------------------------ [2002-12-03 10:01:43] [EMAIL PROTECTED] Hello, I also have problems with this. However, using apache-1.2.27+mod_ssl2.8.11 and php-4.2.3 i was not able to reproduce this problem with defined way. I think that is not php-related. ------------------------------------------------------------------------ [2002-11-20 07:41:09] [EMAIL PROTECTED] Reopening, on request of #20517. ------------------------------------------------------------------------ [2002-11-16 01:00:04] [EMAIL PROTECTED] No feedback was provided for this bug for over 2 weeks, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open". ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/19113 -- Edit this bug report at http://bugs.php.net/?id=19113&edit=1
