Did IDP detects PHP version on webserver ?
foobar47 last edited by
We have IDP250 managed by NSM.
Recently, we add an exempt rule cause “HTTP: PHP php_quot_print_encode Heap Buffer Overflow” block all websites using this function.
What about websites using unaffected PHP version ? (Versions prior to PHP 5.4.16 and 5.3.26 are vulnerable.)
In the same way, IDP block “POP3: Buffer Overflow Username” traffic, but mail server don’t use “DeleGate” nor “Hexamail”
I think IDP is blocking legitim traffic.
What can i do for this ?