[Full-disclosure] FWD: PhotoPost vBGallery Important Security Bulletin
trains
trains at doctorunix.com
Fri Jan 11 15:42:32 GMT 2008
Addendum to my earlier post:
Since php and perl and etc etc are all vulnerable, and php files can
have many file suffixes besides (.php), perhaps the better <Files>
statement would just allow images and deny everything else:
<Files ~ "\.(gif|jpe?g|png)$">
or maybe
<FilesMatch "\.(gif|jpe?g|png)$">
You get the idea.
tr
-------------------------------------------------
Email solutions, MS Exchange alternatives and extrication,
security services, systems integration.
Contact: services at doctorunix.com
Full-Disclosure is hosted and sponsored by Secunia.
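
The allow-list approach suggested in the message above, written out as a complete block. This is an added example, not part of the original post or of the vendor's bulletin. It assumes Apache 2.4 `Require` syntax, and the directory path is a placeholder for wherever the gallery stores uploads.

```apache
# Placeholder path (assumption): the directory the gallery writes uploads to.
<Directory "/var/www/example/gallery/uploads">
    # Default for this directory: refuse every request, whatever the suffix.
    # Script suffixes (.php, .phtml, .pl, .cgi, ...) never need to be listed.
    Require all denied

    # Do not run CGI programs from the upload area and ignore any
    # .htaccess file that ends up in it.
    Options -ExecCGI
    AllowOverride None

    # Allow-list from the post: only names ending in an image suffix are served.
    # The pattern is case-sensitive, so "photo.JPG" stays denied; that fails
    # closed. Widen the pattern only for suffixes the gallery really produces.
    <FilesMatch "\.(gif|jpe?g|png)$">
        Require all granted
        # Serve matching files as static content rather than handing them to
        # a script handler mapped elsewhere in the configuration.
        SetHandler default-handler
    </FilesMatch>
</Directory>
```

After reloading, `apachectl configtest` confirms the syntax; requesting an image and a non-image file placed in that directory should return 200 and 403 respectively.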