Emil Lerner
Emil Lerner
Hi @orangetw, thank you for looking into this. The problem with `output_handler=md5` is that it will corrupt the configuration of running workers to the point that it prevents the output...
I was afraid that the second request may go to another php-fpm worker, so the poisoned worker will remain with `output_handler=md5`. During my tests even ~50 reset attempts were not...
No, splitting nginx and php-fpm in different containers doesn't protect you in any way. It is strange that QSLs are found even though you have updated your servers. I suggest...
Hi @geosphere, What is the expected behaviour in this case?
Agree, that's confusing. Sorry I didn't notice the timing first. Internally, the exploit tries to modify the environment of the php-fpm workers trough the bug (and by modifying the environment...
Hi, @dandv, I'm really eager to know what it means in Romanian (or what phrase it is similar too). In Russian "pizda" means cunt and that's it.
Hello, Yes, I've actually thought about running the client on a phone, however I haven't got enough time to implement this in practice. I will do this eventually.