Assigning the return value of new by reference is deprecated bug - Web Application Security

a_tek7

I was visiting a website and I found these errors at the top of the page:

Deprecated: Assigning the return value of new by reference is deprecated in /data/32/1/91/103/1743918/user/1883987/htdocs/AAAAA/inc/items/model/_item.class.php on line 3032

Warning: Cannot modify header information - headers already sent by (output started at /data/32/1/91/103/1743918/user/1883987/htdocs/hacktivision/inc/_main.inc.php:205) in/data/32/1/91/103/1743918/user/1883987/htdocs/AAAAAA/inc/skins/_skin.funcs.php on line 379

Are these error indicate some kind of vulnerability and exploitable??what this vulnerability called?

Regards

A_tek7

m0rph

Sorry a_tek7, these are just general errors, and are generally only shown due to poorly written code. However, this does not mean there are not any vulnerabilities elsewhere. Granted you own the site/have permission from the owner it would be worthwhile to look into other areas of the website.

Mr. P-teo

As m0rph as siad they are general errors, the first im not too sure
about but the second will be because they haven't use the php command
- ob_flush();

However the fact these were easy for you to see on the website shows
there are most likly vulns on the website. But do get permission to test
as webservers keep a number of logs about the page you request and any
errors that are produced. These will log you IP, browser, page etc.

a_tek7

Tx friends for information

Mr. P-teo

no problem, id recommend you have a brief look at server logs as these are important to keeping you safe.

http://msdn.microsoft.com/en-us/library/aa905133(v=sql.80).aspx#

http://httpd.apache.org/docs/1.3/logs.html

Be sure to use a VPN or at least a proxy.

a_tek7

tx Mr. P-teo Now I'm using :D

Howdy, Stranger!

Top Posters

Who's Online (2)